openssl

Author	SHA1	Message	Date
Mark J. Cox	0a0a10d127	Ready for 0.9.8c release	2006-09-05 08:45:37 +00:00
Mark J. Cox	df20b6e79b	Avoid PKCS #1 v1.5 signature attack discovered by Daniel Bleichenbacher (CVE-2006-4339) Submitted by: Ben Laurie, Google Security Team Reviewed by: bmoeller, mjc, shenson	2006-09-05 08:25:42 +00:00
Dr. Stephen Henson	f4f1dc39e0	Fix from HEAD.	2006-08-31 21:01:41 +00:00
Dr. Stephen Henson	340b4dd7df	Fix from HEAD.	2006-08-31 20:11:09 +00:00
Ben Laurie	4b9dcd821f	Add IGE and biIGE modes.	2006-08-28 11:00:32 +00:00
Andy Polyakov	669c5c9380	Engage assembler in solaris64-x86_64-cc [backport from HEAD].	2006-08-01 16:13:47 +00:00
Bodo Möller	7f9aa6c59b	Camellia IPR information	2006-07-31 11:50:02 +00:00
Bodo Möller	d9c06b56ca	New Camellia implementation (replacing previous version) Submitted by: NTT	2006-07-19 13:38:27 +00:00
Bodo Möller	d045e1d77e	Camellia information	2006-07-19 13:37:10 +00:00
Dr. Stephen Henson	6d14cc7ec1	Fix from HEAD.	2006-07-13 20:35:33 +00:00
Dr. Stephen Henson	eb499b2854	Oops...	2006-07-09 12:07:22 +00:00
Dr. Stephen Henson	65a82ef6d7	Fix from HEAD.	2006-07-09 12:03:02 +00:00
Ben Laurie	616f581650	Fix warning.	2006-07-02 14:43:21 +00:00
Bodo Möller	57e802656f	documentation for "HIGH" vs. "MEDIUM" was not up-to-date	2006-06-30 22:03:48 +00:00
Bodo Möller	5d7f15daf8	use <poll.h> as by Single Unix Specification	2006-06-30 08:14:50 +00:00
Bodo Möller	ec67e3b7e4	always read in RAND_poll() if we can't use select because of a too large FD: it's non-blocking mode anyway	2006-06-28 14:50:00 +00:00
Andy Polyakov	0d3ff3c073	aes-586.pl sync from HEAD.	2006-06-28 09:01:40 +00:00
Andy Polyakov	325e48867c	Mitigate the hazard of cache-collision timing attack on last round [from HEAD].	2006-06-28 08:58:15 +00:00
Richard Levitte	8de95bc05b	Use poll() when possible to gather Unix randomness entropy	2006-06-27 06:31:57 +00:00
Bodo Möller	5e3003bb52	Be more explicit about requirements for multi-threading.	2006-06-23 14:59:59 +00:00
Bodo Möller	e6e3f38bfa	Fix for previous change: explicitly named ciphersuites are OK to add	2006-06-22 13:07:45 +00:00
Bodo Möller	aa17ab7e57	Put ECCdraft ciphersuites back into default build (but disabled unless specifically requested)	2006-06-22 12:35:54 +00:00
Bodo Möller	35908bd040	Remove ECC ciphersuites from 0.9.8 branch (should use 0.9.9 branch)	2006-06-20 08:50:33 +00:00
Bodo Möller	4a9cfd763e	Another thread-safety fix	2006-06-16 01:01:14 +00:00
Bodo Möller	0e73294e26	Disable invalid ciphersuites	2006-06-14 17:52:01 +00:00
Bodo Möller	b610f46bae	Make sure that AES ciphersuites get priority over Camellia ciphersuites in the default cipher string.	2006-06-14 13:52:49 +00:00
Bodo Möller	1921a1adb2	"make depend" for the default configuration, i.e. no-camellia here in the 0.9.8 branch!	2006-06-14 09:56:08 +00:00
Bodo Möller	6d2cd23f40	Thread-safety fixes	2006-06-14 08:51:41 +00:00
Bodo Möller	14fb67f28a	make update	2006-06-14 08:47:00 +00:00
Richard Levitte	c552680473	Keep synchronised with Unix	2006-06-12 06:46:27 +00:00
Bodo Möller	edbf9f878d	Camellia cipher, contributed by NTT Submitted by: Masashi Fujita Reviewed by: Bodo Moeller	2006-06-11 01:08:15 +00:00
Richard Levitte	2745ddfc33	Keep synchronised with the Unix build	2006-06-10 05:38:29 +00:00
Bodo Möller	808606034a	Camellia cipher, contributed by NTT Submitted by: Masashi Fujita Reviewed by: Bodo Moeller	2006-06-09 22:31:05 +00:00
Bodo Möller	e18eef3d7a	Camellia cipher, contributed by NTT Submitted by: Masashi Fujita Reviewed by: Bodo Moeller	2006-06-09 15:42:21 +00:00
Andy Polyakov	e78fc11a95	Tidy up hpux targets.	2006-05-20 08:51:11 +00:00
Dr. Stephen Henson	83231cb376	Fix from HEAD.	2006-05-17 18:25:59 +00:00
Dr. Stephen Henson	986ad56124	Fix from HEAD.	2006-05-17 18:20:27 +00:00
Dr. Stephen Henson	b723a7b11b	Don't check for padding bug if compression is negotiated. PR: 1204	2006-05-07 12:27:48 +00:00
Ulf Möller	1b6b67b17e	bug fix. PR: 1326 Submitted by: John Skodon	2006-05-06 18:35:41 +00:00
Dr. Stephen Henson	1ee3236f72	Update debug-steve	2006-05-06 12:18:15 +00:00
Dr. Stephen Henson	b03a4917be	Backport of CPUID support in mk1mf and update Mingw32 batch file to build cpuid source file.	2006-05-05 13:19:35 +00:00
Dr. Stephen Henson	84971b39f5	Initial support for single batch file to build all Win32 ASM files.	2006-05-05 00:22:18 +00:00
Dr. Stephen Henson	5ab3e743f3	Detect MSYS and use Unix like build if detected.	2006-05-04 16:24:27 +00:00
Dr. Stephen Henson	1c5dc844e7	Update for next dev version.	2006-05-04 13:08:35 +00:00
Dr. Stephen Henson	f871949efd	Prepare for new release.	2006-05-04 12:46:42 +00:00
Dr. Stephen Henson	eb2ec6bee9	make update	2006-05-04 12:15:59 +00:00
Dr. Stephen Henson	df22f59f6e	Update NEWS file.	2006-05-04 11:23:28 +00:00
Dr. Stephen Henson	db0edc3273	Inherit check time if appropriate.	2006-05-03 13:16:02 +00:00
Dr. Stephen Henson	6300c14248	Create a crlnumber file when a CA is created using CA.pl	2006-04-28 00:28:51 +00:00
Dr. Stephen Henson	d4426e79a7	Fix warning.	2006-04-15 17:53:52 +00:00
Dr. Stephen Henson	b095418d20	Fix from 0.9.7-stable.	2006-04-15 17:43:18 +00:00
Dr. Stephen Henson	d6fd880481	Fix on the right branch this time :-)	2006-04-15 13:17:53 +00:00
Dr. Stephen Henson	cbb0b734c7	If cipher list contains a match for an explicit ciphersuite only match that one suite.	2006-04-15 00:22:34 +00:00
Richard Levitte	f4bcd70f27	Change chop to chomp when reading lines, so CRLF is properly processed on the operating systems where they are the normal line endings	2006-04-03 09:15:40 +00:00
Ulf Möller	6e16b45d9d	* empty log message *	2006-03-17 19:29:26 +00:00
Ulf Möller	e09e7ab362	as in head	2006-03-17 19:27:22 +00:00
Nils Larsch	d5cc2f19cd	fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()	2006-03-14 22:48:31 +00:00
Nils Larsch	b7a80146f4	fix error found by coverity: check if ctx is != NULL before calling BN_CTX_end()	2006-03-13 23:12:08 +00:00
Bodo Möller	5586a71a6e	clarification	2006-03-11 22:10:46 +00:00
Dr. Stephen Henson	81418b7c77	Update from HEAD.	2006-03-01 21:17:50 +00:00
Nils Larsch	8bd0c77ae3	force C locale when using [a-z] in sed expressions PR: 1283 Submitted by: Mike Frysinger	2006-03-01 19:52:07 +00:00
Nils Larsch	e2217e7ed5	fix "#ifndef HZ" statement PR: 1287	2006-02-28 20:08:46 +00:00
Nils Larsch	51b75ea7ef	fix Intel Mac configuration; patch supplied by JP Szikora <szikora@icp.ucl.ac.be>	2006-02-25 11:53:45 +00:00
Nils Larsch	41d4d6721c	fix no-dh configure option; patch supplied by Peter Meerwald	2006-02-24 17:58:35 +00:00
Dr. Stephen Henson	9d01d50459	Update from head.	2006-02-21 01:00:47 +00:00
Dr. Stephen Henson	e27c67c5c5	Fix from HEAD.	2006-02-19 13:45:22 +00:00
Nils Larsch	e7decd5f4d	fix typos PR: 1280	2006-02-15 19:44:45 +00:00
Dr. Stephen Henson	38a3178185	Fix OBJ_obj2txt() for large OIDs.	2006-02-15 15:03:47 +00:00
Nils Larsch	58828ae573	fix typo: pass pre-computed parameters to the underlying signature function; thanks to Lucas Newman	2006-02-13 08:22:39 +00:00
Richard Levitte	6b5f5e3508	Backport the following changes from HEAD: 1.270: As an effect of revisions 1.261, BUILD_CMD was changed so $(DIRS) wasn't respected when using it to build different parts of OpenSSL. 1.269 was an attempt to correct that, but unfortunately meant that we built every part that was given i $(DIRS) 7 times. This change puts back the original intent with BUILD_CMD via the new macro BUILD_ONE_CMD while keeping the intent with RECURSIVE_BUILD_CMD. 1.271: Document the building macros.	2006-02-10 08:52:56 +00:00
Dr. Stephen Henson	f0ec771933	Update from 0.9.7-stable.	2006-02-09 12:28:30 +00:00
Nils Larsch	22d1087e16	backport recent changes from the cvs head	2006-02-08 19:16:33 +00:00
Dr. Stephen Henson	9f85fcefdc	Update filenames in makefiles	2006-02-04 01:49:36 +00:00
Dr. Stephen Henson	269d2575cd	Fix from HEAD.	2006-02-04 01:26:49 +00:00
Nils Larsch	0b8ed5de2d	fix if statement: call conn_state() if the BIO is not in the BIO_CONN_S_OK state	2006-02-02 22:16:45 +00:00
Ben Laurie	c22684eac9	Constification.	2006-02-02 15:27:22 +00:00
Dr. Stephen Henson	c42cd4b831	Fix from HEAD.	2006-01-31 18:37:41 +00:00
Lutz Jänicke	4d018f7067	Typo Submitted by: Girish Venkatachalam <girish1729@gmail.com>	2006-01-30 17:06:59 +00:00
Dr. Stephen Henson	46eaf3b0cc	file fipslink.pl was added on branch OpenSSL_0_9_8-stable on 2008-09-18 11:20:08 +0000	2006-01-21 21:28:27 +00:00
Dr. Stephen Henson	9df2a00b94	file fipsld was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2006-01-21 14:01:13 +00:00
Dr. Stephen Henson	fbcf4bc1f2	file fips_premain.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2006-01-21 14:01:11 +00:00
Dr. Stephen Henson	ca08c064bb	file fips_canister.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2006-01-21 14:01:09 +00:00
Dr. Stephen Henson	02df47d349	Fixes for BOOL handling: produce errors for invalid string for mini-compiler, correctly encode FALSE for BOOL in ASN1_TYPE.	2006-01-19 17:17:33 +00:00
Dr. Stephen Henson	41c39e3366	Fix for Win32 dynamic engine loading.	2006-01-15 17:28:35 +00:00
Nils Larsch	45803988ce	make "./configure no-ssl2" work again PR: 1217	2006-01-15 16:57:01 +00:00
Dr. Stephen Henson	28251e7ff9	Typo.	2006-01-15 13:56:06 +00:00
Dr. Stephen Henson	217382d584	Handle manifest files for VC++ Submitted by: Austin Ziegler <halostatue@gmail.com>	2006-01-15 13:46:20 +00:00
Nils Larsch	82a2cb6f51	fix cipher list order	2006-01-15 07:14:38 +00:00
Nils Larsch	611ed5f312	fix comment PR: 1270	2006-01-13 23:52:17 +00:00
Nils Larsch	27fbb5dbf4	2 is a prime number ... PR: 1266	2006-01-13 23:29:31 +00:00
Richard Levitte	db8d9b7cf1	Forgot to initialize CC6DISABLEWARNINGS properly...	2006-01-11 18:55:49 +00:00
Richard Levitte	60ec950517	Typo...	2006-01-11 13:31:19 +00:00
Richard Levitte	2cd4ebc01f	Disable the Mixed Linkage warning for some selected modules. This is because the Compaq C compiler will not accept that a variable be declared extern then defined static without a warning.	2006-01-09 19:22:53 +00:00
Richard Levitte	5f4dcaf781	/usr/bin/perl util/mkerr.pl -recurse -write -rebuild	2006-01-09 16:05:22 +00:00
Bodo Möller	c55d882fab	Avoid contradictive error code assignments. "make error".	2006-01-08 21:52:46 +00:00
Bodo Möller	8dc7450068	Detect more errors. Change assignment strategy: rathern than using max+r for new codes, find first hole in list of existing codes.	2006-01-08 21:40:07 +00:00
Bodo Möller	2e885232c2	Some error code cleanups (SSL lib. used SSL_R_... codes reserved for alerts)	2006-01-08 19:41:25 +00:00
Dr. Stephen Henson	970d9b3795	Update from HEAD.	2006-01-03 14:20:47 +00:00
Bodo Möller	2f58af0d85	Make sure that after the change from revision 1.256.2.6 (1.261 in HEAD), it's still possible to do a partial build.	2006-01-03 03:04:46 +00:00
Richard Levitte	0ae50f19da	Missing files in the VMS installation	2006-01-02 23:33:06 +00:00
Andy Polyakov	c4ac37361e	util/*.pl update from HEAD.	2006-01-02 14:08:22 +00:00
Andy Polyakov	3152861e81	mkerr.pl update from HEAD.	2006-01-01 18:43:37 +00:00
Bodo Möller	a14afd0804	Rewrite timeout computation in a way that is less prone to overflow. (Problem reported by Peter Sylvester.)	2005-12-30 23:51:57 +00:00
Andy Polyakov	25d5d1a60d	eng_padlock.c update from HEAD.	2005-12-28 16:26:07 +00:00
Andy Polyakov	6ff58b9240	Minor eng_padlock.c update from HEAD.	2005-12-27 21:24:22 +00:00
Andy Polyakov	99237262d4	Missing CFLAG in couple of depend: targets [from HEAD]. PR: 1247 Submitted by: Doug Kaufman	2005-12-18 19:02:22 +00:00
Andy Polyakov	29982dfd15	DJGPP-related e_os2.h update from HEAD. PR: 1247	2005-12-18 18:57:07 +00:00
Andy Polyakov	6c4da94687	bio.h update from HEAD. PR: 1252	2005-12-16 21:24:59 +00:00
Andy Polyakov	6986d0e6eb	Fix typos in osf1 shared rules [from HEAD]. PR: 1248	2005-12-16 20:52:38 +00:00
Bodo Möller	bc9320452c	update TLS-ECC code Submitted by: Douglas Stebila	2005-12-13 07:41:47 +00:00
Bodo Möller	23d43aae27	add missing entry (the corresponding code is in the 0.9.8 branch, and both the code and the CHANGES entry are in HEAD)	2005-12-13 07:32:10 +00:00
Bodo Möller	de71735e7c	comment	2005-12-13 05:46:30 +00:00
Andy Polyakov	05decf3638	Perlasm update from HEAD addressing build problems on non-ELF platforms after http://cvs.openssl.org/chngview?cn=14661.	2005-12-06 18:47:18 +00:00
Dr. Stephen Henson	95bffa1a1f	Fix from HEAD.	2005-12-06 13:37:56 +00:00
Dr. Stephen Henson	974d52fdb8	Fix from HEAD.	2005-12-05 17:32:22 +00:00
Dr. Stephen Henson	7614f0e55e	Various zlib related fixes and enhancements.	2005-12-05 13:34:56 +00:00
Dr. Stephen Henson	0632284f79	Fix warning.	2005-12-04 21:34:51 +00:00
Dr. Stephen Henson	ad4a89f070	Fix from HEAD.	2005-12-03 17:47:20 +00:00
Andy Polyakov	6104c49f31	x86cpuid.pl update [from HEAD].	2005-12-03 11:57:36 +00:00
Dr. Stephen Henson	07fc760999	Update ordinals.	2005-12-02 13:56:04 +00:00
Dr. Stephen Henson	cf6bc84148	Update from HEAD.	2005-12-02 13:47:02 +00:00
Dr. Stephen Henson	36d51bea93	Update from HEAD.	2005-12-02 13:29:28 +00:00
Dr. Stephen Henson	fc12885b1b	Fix from HEAD.	2005-11-30 19:25:31 +00:00
Ben Laurie	ec7033745e	Fix memory leak.	2005-11-25 14:26:12 +00:00
Ben Laurie	9e31e63147	Improve documentation.	2005-11-25 13:46:41 +00:00
Dr. Stephen Henson	feef17fd88	Update from HEAD.	2005-11-20 13:26:57 +00:00
Andy Polyakov	817f011191	Keep shutting up VC8 [from HEAD]. PR: 1243	2005-11-15 08:09:04 +00:00
Andy Polyakov	98c045cf3a	crypto/bn/asm/sparcv8plus.S update from HEAD.	2005-11-15 08:05:19 +00:00
Dr. Stephen Henson	8860f3a82a	Fix possible race condition.	2005-11-11 12:59:39 +00:00
Andy Polyakov	43e9f4ca2f	crypto/Makefile update from HEAD. PR: 1236	2005-11-09 20:47:40 +00:00
Andy Polyakov	586f843c76	FAQ update from HEAD.	2005-11-09 19:47:40 +00:00
Andy Polyakov	7cfc9e6d8c	AIX -blibpath is not accumulative, one apparently has to specify even self-obvious /usr/lib:/lib. PR: 1239	2005-11-09 17:28:22 +00:00
Andy Polyakov	4952ed0fa4	FAQ and ms/applink.c update from HEAD.	2005-11-09 17:12:42 +00:00
Dr. Stephen Henson	a084185d76	Document VC++ build changes.	2005-11-07 00:32:47 +00:00
Dr. Stephen Henson	914b80d276	Update from head.	2005-11-07 00:23:37 +00:00
Dr. Stephen Henson	282557da52	Include a "test" target do (hopefully) do something sensible.	2005-11-07 00:08:55 +00:00
Dr. Stephen Henson	5f649d583c	Fix "install" target for Win32 to install most utilities in a sensible location.	2005-11-07 00:05:27 +00:00
Dr. Stephen Henson	b98225ebf5	"copy" perl script to avoid problems with Win32 builtin copy command.	2005-11-06 17:54:51 +00:00
Dr. Stephen Henson	abb0c2bba4	Update VC++ build engine to include supported engine DLL builds.	2005-11-06 17:49:00 +00:00
Nils Larsch	b3bdb474a9	fix typo, pointed out by Patrick Guio	2005-11-02 22:19:23 +00:00
Nils Larsch	d796e6acb7	compile sstrsep only if HAVE_FORK is defined; patch supplied by Johan Gill <johane@lysator.liu.se>	2005-11-02 22:13:23 +00:00
Richard Levitte	d3afc92bc9	Document it	2005-11-01 07:53:43 +00:00
Richard Levitte	35a97b4b7b	Fix numerous bugs in the Win32 path splitter	2005-11-01 07:49:47 +00:00
Richard Levitte	f59463aad3	A slight change in documentation that makes it so much more comprehensible	2005-11-01 04:56:29 +00:00
Dr. Stephen Henson	ed656499c4	Fix from HEAD.	2005-10-29 12:52:10 +00:00
Andy Polyakov	63533e9a22	Add -install_name to link_a.darwin rule [from HEAD]. PR: 1218	2005-10-28 08:11:51 +00:00
Bodo Möller	20f7053254	harmonize with 0.9.7-stable CHANGES	2005-10-26 19:26:15 +00:00
Andy Polyakov	8b8ef74d39	Fix typos in macos x targets [from HEAD].	2005-10-25 22:08:11 +00:00
Andy Polyakov	3bfe024d8d	Fix install problems on MacOS X and HP-UX. PR: 1218,1185	2005-10-25 22:03:36 +00:00
Andy Polyakov	063333e03d	Add rudimentary aix64-gcc target [from HEAD]. Submitted by: Stefan Neis	2005-10-19 18:47:31 +00:00
Andy Polyakov	0a0918ff38	util/pl/OS2-EMX.pl sync [from HEAD]. Submitted by: Stefan Neis, Brian Havard	2005-10-19 18:38:09 +00:00
Mark J. Cox	802c014656	One time CAN->CVE change	2005-10-19 10:51:36 +00:00
Richard Levitte	860841794d	Add in CHANGES for 0.9.7i.	2005-10-15 04:27:05 +00:00
Andy Polyakov	2a87c31237	Broaden compatibility amount Win32 headers even further [from HEAD].	2005-10-13 19:07:28 +00:00
Richard Levitte	da5f7fdcee	The version text wasn't bumoed after tagging...	2005-10-11 19:26:41 +00:00
Mark J. Cox	d8b408b1de	Bump after tag	2005-10-11 10:21:22 +00:00
Mark J. Cox	64932f9e4a	Add fixes for CAN-2005-2969 Bump release ready for OpenSSL_0_9_8a tag	2005-10-11 10:16:21 +00:00
Richard Levitte	5a20efcf17	Synchronise with Unixly make.	2005-10-11 10:15:56 +00:00
Dr. Stephen Henson	2a2857bbc8	Update ordinals	2005-10-10 00:37:36 +00:00
Dr. Stephen Henson	1bef284ab1	Update from HEAD.	2005-10-05 17:53:40 +00:00
Andy Polyakov	d8d0b6434f	Documentation update from HEAD. PR: 1160	2005-10-04 06:35:14 +00:00
Dr. Stephen Henson	416b6fd115	Make OPENSSL_NO_COMP work on Win32.	2005-10-02 12:26:06 +00:00
Dr. Stephen Henson	f685cf920b	As HEAD.	2005-10-01 00:41:24 +00:00
Dr. Stephen Henson	54f51116b2	Update from HEAD.	2005-09-30 23:38:20 +00:00
Nils Larsch	b0d90958fc	successfully updating the db shouldn't result in an error message	2005-09-30 16:47:15 +00:00
Andy Polyakov	049ced2c2f	Fix typo [from HEAD].	2005-09-29 20:18:05 +00:00
Andy Polyakov	844b0e603b	Fix missing applink call [from HEAD].	2005-09-29 16:59:19 +00:00
Richard Levitte	75ef751e23	Change a comment so it corresponds to reality. Put back a character that was previously replaced with a NUL for parsing purposes. This seems to fix a very weird parsing bug involving two variable references in the same value.	2005-09-28 18:03:06 +00:00
Dr. Stephen Henson	c4f6e56fca	Avoid unused variable warnings.	2005-09-26 02:40:18 +00:00
Nils Larsch	ff86d3d894	protect BN_BLINDING_invert with a write lock and BN_BLINDING_convert with a read lock Submitted by: Leandro Santi <lesanti@fiuba7504.com.ar>	2005-09-22 23:32:49 +00:00
Andy Polyakov	85b4c03e33	Fix SunOS 4 building issue [from HEAD]. PR: 1196 Submitted by: Russel Ruby	2005-09-22 20:39:25 +00:00
Andy Polyakov	efaf159af6	Broaden compatibility among Windows SDK versions [from HEAD].	2005-09-22 20:29:35 +00:00
Dr. Stephen Henson	daa657fb78	Fix from HEAD.	2005-09-21 00:57:28 +00:00
Andy Polyakov	4685663d73	Latest MSVCR80 doesn't tolerate unsupported signal numbers [from HEAD]. PR: 1205	2005-09-20 20:32:36 +00:00
Andy Polyakov	ed1f716022	"Overload" SunOS 4.x memcmp, which ruins ASN1_OBJECT table lookups [from HEAD]. PR: 1196 Submitted by: Russel Ruby	2005-09-20 20:25:17 +00:00
Andy Polyakov	d3205a4898	Fix typo [from HEAD]. PR: 1198	2005-09-20 12:16:30 +00:00
Andy Polyakov	86731ce2c6	Refine AIX support [from HEAD]. PR: 1198	2005-09-20 07:44:11 +00:00
Andy Polyakov	1399309624	BC-32.pl updates [from HEAD]. Submitted by: Old Wolf, Jon Bright	2005-09-20 07:09:29 +00:00
Andy Polyakov	cb59297438	Proper solution to nasm compilation problems in Borland context.	2005-09-20 06:15:18 +00:00
Andy Polyakov	5824f6bc06	./PROBLEMS update from HEAD. PR: 1176 [and others]	2005-09-19 14:58:57 +00:00
Andy Polyakov	5ce7090d54	Missing spaces in VC-32.pl.	2005-09-19 14:43:32 +00:00
Andy Polyakov	7306ab29bc	bswapl usage should be masked by I386_ONLY. PR: 1195	2005-09-19 13:17:07 +00:00
Dr. Stephen Henson	3a8b42f291	Don't always use issuer serial version of AKID.	2005-09-16 12:20:24 +00:00
Nils Larsch	e4c25383f2	fix typos PR: 1201	2005-09-15 19:12:01 +00:00
Nils Larsch	e734dcc2c7	bugfix: register engine as default engine in ENGINE_set_default_DSA Submitted by: Jonathon Green	2005-09-09 07:52:18 +00:00
Dr. Stephen Henson	0fce007b8e	Add two extra verify flags functions.	2005-09-02 22:48:21 +00:00
Nils Larsch	5a053a3a07	fix typo in sbgp names PR: 1194	2005-09-02 21:22:50 +00:00
Nils Larsch	3b2ba5f7fb	don't try to load cert/key when the "-nocert" option is set	2005-09-02 12:27:02 +00:00
Nils Larsch	7f622f6c04	fix warnings when building openssl with (gcc 3.3.1): -Wmissing-prototypes -Wcomment -Wformat -Wimplicit -Wmain -Wmultichar -Wswitch -Wshadow -Wtrigraphs -Werror -Wchar-subscripts -Wstrict-prototypes -Wreturn-type -Wpointer-arith -W -Wunused -Wno-unused-parameter -Wuninitialized	2005-08-28 23:20:52 +00:00
Ben Laurie	801136bcc2	Fix warnings.	2005-08-27 12:05:23 +00:00
Nils Larsch	3c0e39c539	Keep cipher lists sorted in the source instead of sorting them at runtime, thus removing the need for a lock. Add a test to ssltest to verify that the cipher lists are sorted.	2005-08-25 07:43:04 +00:00
Bodo Möller	19fddebf0e	recent DH change does not avoid all possible small-subgroup attacks; let's be clear about that	2005-08-23 06:55:45 +00:00
Bodo Möller	9eaf7e14c7	avoid potential spurious BN_free() Submitted by: David Heine <dlheine@suif.Stanford.EDU>	2005-08-23 04:14:55 +00:00
Ben Laurie	0e441bc103	Missing arguments.	2005-08-22 04:59:27 +00:00
Nils Larsch	cd9911fdf8	initialize cipher/digest methods table in SSL_library_init() and hence remove the need for a lock	2005-08-21 23:06:51 +00:00
Ben Laurie	6086422193	Missed stuff.	2005-08-20 21:30:33 +00:00
Ben Laurie	9ddb11f11c	Avoid weak subgroups in Diffie Hellman.	2005-08-20 18:35:53 +00:00
Andy Polyakov	7a20cabd03	Eliminate reference to removed platform line [from HEAD].	2005-08-11 09:40:30 +00:00
Andy Polyakov	9dc4ca4507	Pedantic polish to ectest.c [from HEAD].	2005-08-11 08:44:34 +00:00
Andy Polyakov	62fea98b4f	Fix typo in WCE section in VC-32.pl [from HEAD].	2005-08-11 08:19:43 +00:00
Andy Polyakov	7ae4eac5b6	INSTALL.WCE update from HEAD.	2005-08-10 08:40:26 +00:00
Andy Polyakov	fcf8ae5e2b	Suppress "deprecated" warnings introduced in VC8 [from HEAD]. PR: 1183	2005-08-09 22:45:51 +00:00
Andy Polyakov	55b9a7938b	Add support for more recent WCE SDK.	2005-08-09 22:20:45 +00:00
Nils Larsch	cf1546a60e	a ssl object needs it's own instance of a ecdh key; remove obsolete comment	2005-08-08 19:39:29 +00:00
Nils Larsch	e7eec05af0	fix typo	2005-08-08 19:26:35 +00:00
Andy Polyakov	98e986141b	Windows CE update from HEAD.	2005-08-07 22:29:58 +00:00
Nils Larsch	d7e35e0371	avoid infinite recursion if dynamic engine isn't loaded Submitted by: Jonathon Green <jonathon_au@yahoo.com>	2005-08-06 10:34:35 +00:00
Dr. Stephen Henson	222f224664	Initialize SSL_METHOD structures at compile time. This removes the need for locking code. The CRYPTO_LOCK_SSL_METHOD lock is now no longer used.	2005-08-05 23:52:08 +00:00
Nils Larsch	62b6cd007f	fix potential memory leak + improved error checking PR: 1182	2005-08-05 09:41:24 +00:00
Dr. Stephen Henson	1682e8fb12	Allow PKCS7_decrypt() to work if no cert supplied.	2005-08-04 22:10:05 +00:00
Andy Polyakov	984aefe0e8	3-4 times better RSA/DSA performance on WIN64A target [from HEAD].	2005-08-04 17:42:58 +00:00
Andy Polyakov	2d54cc69c9	WCE update, mostly typos [from HEAD].	2005-08-03 20:04:05 +00:00
Andy Polyakov	2dd8278de8	PIC-ify SPARC assembler in alternative manner to eliminate dependency on OPENSSL_PIC macro [from HEAD].	2005-08-03 10:44:29 +00:00
Andy Polyakov	e0d8ac972e	Abstain from GUI calls in rand_win.c in NT service context [from HEAD].	2005-08-02 22:22:17 +00:00
Andy Polyakov	ec03812fb0	WCE-specific update for VC-32.pl [from HEAD].	2005-08-02 22:21:39 +00:00
Andy Polyakov	93cf2b17bf	WCE-specific fix for cryptlib.c [from HEAD].	2005-08-02 22:21:07 +00:00
Andy Polyakov	77ef1a989d	Keep disclaiming 16-bit support [from HEAD].	2005-08-02 22:20:15 +00:00
Andy Polyakov	423c7ac6c6	Optimize for space on embedded WCE. [from HEAD]	2005-08-02 14:11:04 +00:00
Andy Polyakov	2c368ef148	WCE-specific update from HEAD.	2005-08-02 12:21:35 +00:00
Andy Polyakov	b3c7162fd0	WCE update from HEAD.	2005-08-02 12:03:09 +00:00
Andy Polyakov	67865069eb	Implement complementary LoadLibraryA shim under WCE. [from HEAD]	2005-08-02 11:03:42 +00:00
Andy Polyakov	1896a9be60	Typo in OSF1 platform name.	2005-08-02 10:59:42 +00:00
Andy Polyakov	b5b2c037c1	Eliminate dependency on 3rd party wcedefs.mak [from HEAD].	2005-07-30 19:51:55 +00:00
Andy Polyakov	1957924d51	Fix #if _MSC_VER clause in aes_locl.h [from HEAD].	2005-07-30 19:49:24 +00:00
Nils Larsch	104a66f256	remove unused variable	2005-07-27 20:19:51 +00:00
Nils Larsch	3de6d65ea3	improved error checking and some fixes PR: 1170 Submitted by: Yair Elharrar Reviewed and edited by: Nils Larsch	2005-07-26 20:55:17 +00:00
Dr. Stephen Henson	fdb0a6e004	Update from head.	2005-07-26 12:46:53 +00:00
Nils Larsch	87b857b6bf	fix BN_mod_word and give a more reasonable return value if an error occurred	2005-07-25 22:55:48 +00:00
Dr. Stephen Henson	b18165301d	Update from head.	2005-07-25 18:40:09 +00:00
Andy Polyakov	097e65944a	Visual C specific update from HEAD.	2005-07-24 21:55:41 +00:00
Nils Larsch	0cdd29ea78	Remove BN_CTX_DEBUG from the normal debug build flags (it's too noisy to be really useful for 'normal' debugging). Disable EC_GROUP_precompute_mult for the nist curves in ectest.c as it causes problems when libefence is used.	2005-07-23 08:46:41 +00:00
Nils Larsch	7dec24688f	set correct bn->top value	2005-07-21 22:38:16 +00:00
Nils Larsch	e62fa54811	the final byte of pkcs7 padded plaintext can never be 0 Submitted by: K S Sreeram <sreeram@tachyontech.net>	2005-07-20 22:02:25 +00:00
Andy Polyakov	1614174e79	Bug-fix from HEAD. PR: 1130	2005-07-19 23:10:04 +00:00
Nils Larsch	f95d097359	fix typo	2005-07-17 21:05:11 +00:00
Nils Larsch	3c6ab9aad9	bugfix: 0 - w (w != 0) is actually negative	2005-07-17 16:08:21 +00:00
Nils Larsch	4913b88f70	make ./configure no-deprecated [no-dsa] [no-dh] [no-ec] [no-rsa] make all test work again (+ make update) PR: 1159	2005-07-16 11:13:10 +00:00
Nils Larsch	273157153c	add missing entries for "-multivalue-rdn" and "-utf8" in ca.pod and req.pod PR: 1158 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de>	2005-07-15 09:50:38 +00:00
Nils Larsch	fb5156ff38	the second argument to d2i_X509, d2i_X509_CRL and d2i_X509_REQ is const PR: 1156 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de>	2005-07-13 21:58:40 +00:00
Andy Polyakov	2a824402f3	DES CFB bug-fix from HEAD.	2005-07-08 16:48:34 +00:00
Richard Levitte	86a249fe4f	On case insensitive systems, 'install' gets mixed up with the existing file 'INSTALL', so we need to put some force into installing	2005-07-08 10:13:25 +00:00
Richard Levitte	6cae8221c9	Oops, the release date in the FAQ was wrong. I'm not retagging it, but I made the same change in the distribution directory, so the distribution will have a corrected FAQ.	2005-07-05 19:20:11 +00:00
Richard Levitte	750cb3d248	Now that 0.9.8 has been tagged, it's time to move on.	2005-07-05 19:11:56 +00:00
Richard Levitte	f254b540b8	Time to release OpenSSL 0.9.8. The tag will be OpenSSL_0_9_8.	2005-07-05 18:49:43 +00:00
Richard Levitte	11024f252e	make update	2005-07-05 18:41:28 +00:00
Richard Levitte	9d5cba17ba	We don't support no-engine for now. It's a lot more work than one might imagine.	2005-07-05 18:32:37 +00:00
Richard Levitte	1d01c9d43d	Last additions to the release documentation.	2005-07-05 18:32:05 +00:00
Andy Polyakov	e32ea81876	Mention Win64 support in CHANGES and throw in building instructions.	2005-07-05 10:53:13 +00:00
Richard Levitte	ef8a18f49b	Add libcrypto.pc and libssl.pc, and install them along with openssl.pc. PR: 1143	2005-07-05 05:14:21 +00:00
Andy Polyakov	b914049c53	Get rid of "unary minus applied to unsigned type" warning.	2005-07-04 23:30:31 +00:00
Andy Polyakov	dabaea8048	To secure Win64 API I'm throwing in this minimalistic Win64 support.	2005-07-04 23:24:12 +00:00
Dr. Stephen Henson	09c1a425a9	Add utf8 options to ca utility. PR:1109	2005-07-04 23:04:28 +00:00
Richard Levitte	8c6fed007f	The private key should never have ended up in newreq.pem. Now, it ends up in newkey.pem instead.	2005-07-04 21:44:22 +00:00
Andy Polyakov	2e39604021	Fix bugs in bug-fix to x509/by_dir.c [from HEAD]. PR: 1131	2005-07-03 13:15:53 +00:00
Andy Polyakov	fbfb947b21	Bugfix for bn_div_words PPC assembler implementation [from HEAD].	2005-07-03 09:23:57 +00:00
Nils Larsch	8b963f4ba4	initialize newly allocated data PR: 1145	2005-07-01 16:15:48 +00:00
Dr. Stephen Henson	9152f07eaf	Check PKCS7 structures in PKCS#12 files are of type data.	2005-06-30 11:34:27 +00:00
Richard Levitte	35f70c09f5	Actually, the 64bit format specifier differs between SIXTY_FOUR_BIT and SIXTY_FOUR_BIT_LONG	2005-06-29 18:48:12 +00:00
Richard Levitte	cc4cba7b5d	asn1parse doesn't support any TXT format, so let's stop pretending it does.	2005-06-28 15:44:18 +00:00
Nils Larsch	6b695fefd0	remove OPENSSL_NO_ASM dependency	2005-06-28 15:03:58 +00:00
Ben Laurie	910d193029	Did you know it was wrong to use a char as an array index?	2005-06-28 13:27:53 +00:00
Ben Laurie	f18dd687c8	Nasty fix for another warning, but all I have the patience for right now.	2005-06-28 13:07:46 +00:00
Ben Laurie	50d5376698	Replace missing character deleted in error.	2005-06-28 12:53:33 +00:00
Ben Laurie	5b9b62a7db	Fix warning.	2005-06-28 12:41:35 +00:00
Ben Laurie	c0e29e5b01	Fix warnings.	2005-06-28 12:32:48 +00:00
Andy Polyakov	2f03129d46	bn.h update from HEAD.	2005-06-28 11:52:52 +00:00
Andy Polyakov	b44e2d3416	x86nasm.pl update from HEAD.	2005-06-28 11:30:12 +00:00
Andy Polyakov	564915681c	PROBLEMS update from HEAD.	2005-06-28 10:00:08 +00:00
Andy Polyakov	a24b7eeb87	Makefile updates from HEAD [see http://cvs.openssl.org/chngview?cn=14099 for further details].	2005-06-28 09:10:19 +00:00
Richard Levitte	0215c01861	There are a few showstoppers. Unfortunately, I only remember one. Please fill this in.	2005-06-28 05:55:24 +00:00
Andy Polyakov	beae6324e5	Eliminate dependency on UNICODE macro.	2005-06-27 21:21:12 +00:00
Andy Polyakov	71a61c573e	Fix typos in apps/apps.c.	2005-06-27 15:58:55 +00:00
Dr. Stephen Henson	6b3b632767	Sync libeay.num	2005-06-27 00:43:22 +00:00
Andy Polyakov	2a2fa04b7b	Unify some SCO targets [from HEAD].	2005-06-26 18:10:20 +00:00
Andy Polyakov	79b81d194b	Configure/TABLE update from HEAD.	2005-06-26 17:18:45 +00:00
Andy Polyakov	ef04c9aff8	IA64 RC4 update from HEAD [see commentary in HEAD for details]. PR: 1114	2005-06-26 16:14:22 +00:00
Richard Levitte	7f85197c10	Further successes with the latest snapshot.	2005-06-24 22:23:54 +00:00
Andy Polyakov	ff0bfe64af	Replace emms with finit in x86cpuid.	2005-06-24 16:34:46 +00:00
Dr. Stephen Henson	44b3a3a5e6	Add Argen root CAs.	2005-06-24 10:54:36 +00:00
Richard Levitte	7e3033aa93	Someone did some cutting and pasting and didn't quite finish the job :-). Notified by Steffen Pankratz <kratz00@gmx.de>	2005-06-24 05:13:18 +00:00
Richard Levitte	8bdbf50772	Wrap the inclusion of openssl/engine.h with a protective check for the absence of OPENSSL_NO_ENGINE.	2005-06-23 22:08:41 +00:00
Richard Levitte	ec33a76641	Wrap the inclusion of openssl/engine.h with a protective check for the absence of OPENSSL_NO_ENGINE. PR: 1123	2005-06-23 21:57:37 +00:00
Richard Levitte	00ce9376c7	Do not defined des_crypt(), since it clashes with Solaris crypt.h. PR: 1125	2005-06-23 21:53:52 +00:00
Richard Levitte	46e7a9797e	Initialise dir to avoid a compiler warning.	2005-06-23 21:49:18 +00:00
Richard Levitte	7006c4ac88	The NAME section of a man page is required to have a dash followed by a short description, at least according to pod2man. PR: 1127	2005-06-23 21:45:32 +00:00
Richard Levitte	a50a2126cf	DCC doesn't like argument names in returned function pointers. PR: 1122	2005-06-23 21:35:20 +00:00
Richard Levitte	07f7b4b470	Update for Stratus VOS. PR: 1130	2005-06-23 21:27:13 +00:00
Richard Levitte	7e726e42f4	Configure update for Stratus VOS. PR: 1129	2005-06-23 21:20:31 +00:00
Richard Levitte	40ba0257de	Change dir_ctrl to check for the environment variable before using the default directory instead of the other way around. PR: 1131	2005-06-23 21:14:10 +00:00
Richard Levitte	3fbd5f9fea	Strip the engine shared libraries as well. Submitted by Corinna Vinschen <vinschen@redhat.com>	2005-06-23 20:55:35 +00:00
Andy Polyakov	57b2246d35	Darwin specific update from HEAD.	2005-06-23 20:47:54 +00:00
Andy Polyakov	2a5b22d6f9	Missed -c in IRIX rule.	2005-06-23 20:38:19 +00:00
Andy Polyakov	f247dc7522	IRIX upadte from HEAD.	2005-06-23 16:47:21 +00:00
Andy Polyakov	e6531253e2	HP-UX specific update to Makefile.shared.	2005-06-23 15:39:19 +00:00
Richard Levitte	c938babf00	A number of architectures noted so far.	2005-06-23 06:31:08 +00:00
Andy Polyakov	bf3900020f	no-asm didn't prevent make from compiling assembler modules [from HEAD].	2005-06-22 23:50:07 +00:00
Dr. Stephen Henson	586df3bb7f	Typo.	2005-06-22 18:54:05 +00:00
Dr. Stephen Henson	c4b13b0268	Reorder extensions to account for synced OID table.	2005-06-22 17:28:55 +00:00
Dr. Stephen Henson	daef72316f	Sync OID database with 0.9.7.	2005-06-22 17:26:24 +00:00
Dr. Stephen Henson	1f93c96e63	Fix extension ordering.	2005-06-22 13:25:38 +00:00
Richard Levitte	8aa9c79276	Tagging is done, we're moving on.	2005-06-21 05:56:26 +00:00
Richard Levitte	09a7f2e734	Prepare for a release of 0.9.8-beta6. This is supposed to be the final beta. The tag will be OpenSSL_0_9_8-beta6	2005-06-21 05:49:47 +00:00
Richard Levitte	b2d27e376d	Some new news.	2005-06-21 05:46:41 +00:00
Richard Levitte	644c4af11e	make update	2005-06-21 05:28:47 +00:00
Richard Levitte	ca3dc3a0a0	DEVRANDOM, not DEBRANDOM...	2005-06-21 04:41:31 +00:00
Richard Levitte	2b975dfd5b	Do no try to pretend we're at the end of anything unless we're at the end of a 4-character block.	2005-06-20 22:11:28 +00:00
Richard Levitte	0932892278	Check for 'usage' and 'Usage'. Submitted by Tim Rice <tim@multitalents.net>. His comment is: I noticed "make report" didn't show the cc version on most of my System V platforms. This patch corrects this.	2005-06-20 20:49:05 +00:00
Andy Polyakov	fe0b3d98c2	Refine ELF detection on BSD platforms.	2005-06-20 17:36:19 +00:00
Andy Polyakov	8d56c8b51c	Solaris x86_64 /usr/ccs/bin/as support.	2005-06-20 14:50:26 +00:00
Richard Levitte	d8e6409336	Add crypto/bn/bn_prime.h to the collection of generated files. In the update target, place the dependency on depend last, so all necessary files are generated before the dependencies are figured out. PR: 1121	2005-06-20 04:29:56 +00:00
Richard Levitte	a4ae746656	With DJGPP, it seems like the return code from grep, even when in the middle of a pipe, is noted. Counter that by forcing a true return code when the return code has no importance. PR: 1085	2005-06-19 20:31:32 +00:00
Richard Levitte	331a0a7b9b	Undefine DECRANDOM before redefining it. PR: 1110	2005-06-19 20:20:33 +00:00
Richard Levitte	c630a3e8d6	Add better documentation on how id_function() should be defined and what issues there are. PR: 1096	2005-06-18 05:52:23 +00:00
Richard Levitte	7435d89edf	Move the definition of DEVRANDOM for DJGPP from Configure to e_os.h. That should solve the issues with propagating it through the Makefiles. PR: 1110	2005-06-18 04:42:34 +00:00
Richard Levitte	14557c8be4	Only define ZLIB_SHARED if it hasn't already been defined (on the command line, for example). PR: 1112	2005-06-18 04:32:23 +00:00
Richard Levitte	98b4995bad	Have pod2man.pl accept '=for comment ...' before the '=head1 NAME' line. PR: 1113	2005-06-18 04:27:15 +00:00
Nils Larsch	3000bdcc3a	clear dso pointer in case of an error PR: 816	2005-06-17 21:27:28 +00:00
Nils Larsch	cbe77a6753	update for the cswift engine: - fix the problem described in bug report 825 - fix a segfault when the engine fails to initialize - let the engine switch to software when keysize > 2048 PR: 825, 826 Submitted by: Frédéric Giudicelli	2005-06-17 20:43:05 +00:00
Richard Levitte	c58a1f76f8	Do not undefine _XOPEN_SOURCE. This is currently experimental, and will be firmed up as soon as it's been verified not to break anything.	2005-06-16 22:19:14 +00:00
Dr. Stephen Henson	ecf2875ebf	Don't strip extensions from header filenames in mk1mf.pl.	2005-06-16 02:16:50 +00:00
Dr. Stephen Henson	ce2c19e357	Update from head.	2005-06-16 02:05:57 +00:00
Richard Levitte	1b1081a3ed	0.9.8-beta5 works on Gentoo/arml but not /armb, and works on Linux AMD64	2005-06-14 05:42:56 +00:00
Richard Levitte	37b200389a	Data about which Cygwin versions 0.9.8-beta5 work on	2005-06-13 17:10:07 +00:00
Richard Levitte	6b5a8f3a22	0.9.8-beta5 works on SuSE 9.3	2005-06-13 17:03:17 +00:00
Richard Levitte	0b18d8b0c7	0.9.8-beta5 works on Cygwin	2005-06-13 17:00:25 +00:00
Nils Larsch	3d187ede47	update FAQ	2005-06-13 08:36:38 +00:00
Richard Levitte	f3b9c34515	0.9.8-beta5 works on VMS/Alpha	2005-06-13 04:17:24 +00:00
Richard Levitte	c923394924	Now that beta5 is tagged, lets continue with beta6.	2005-06-13 03:48:22 +00:00
Richard Levitte	d9dbd24db5	Time to release beta 5. The tag will be OpenSSL_0_9_8-beta5	2005-06-13 03:36:21 +00:00
Richard Levitte	b135819d71	make update	2005-06-13 03:29:04 +00:00
Richard Levitte	cbcbd07da2	Netware patch submitted by Verdon Walker" <VWalker@novell.com> in PR 1107. He says: This is a followup to the NetWare patch that was applied to beta3. It does the following: - Fixes a problem in the CLib build with undefined symbols. - Adds the ability to use BSD sockets as the default for the OpenSSL socket BIO. NetWare supports 2 flavors of sockets and our Apache developers need BSD sockets as a configurable option when building OpenSSL. This adds that for them. - Updates to the INSTALL.NW file to explain new options. I have tried very hard to make sure all the changes are in NetWare specific files or guarded carefully to make sure they only impact NetWare builds. I have tested the Windows build to make sure it does not break that since we have made changes to mk1mf.pl. We are still working the gcc cross compile for NetWare issue and hope to have a patch for that before beta 6 is released.	2005-06-13 03:21:01 +00:00
Richard Levitte	24f6ab73a7	Show what the offending target was. PR: 1108	2005-06-13 02:38:13 +00:00
Nils Larsch	5e88347e1b	replace the deprecated "-m486" gcc option with "-march=i486" PR: 1049	2005-06-12 10:32:11 +00:00
Nils Larsch	cac0d4ee6f	- let SSL_CTX_set_cipher_list and SSL_set_cipher_list return an error if the cipher list is empty - fix last commit in ssl_create_cipher_list - clean up ssl_create_cipher_list	2005-06-10 19:51:16 +00:00
Andy Polyakov	428759b3d4	Allow for dso load by explicit path on HP-UX.	2005-06-09 20:50:44 +00:00
Nils Larsch	898d3ecce0	use "=" instead of "\|=", fix typo	2005-06-08 22:20:24 +00:00
Richard Levitte	004f16f6c4	Avoid endless loops. Really, we were using the same variable for two different conditions...	2005-06-08 21:59:54 +00:00
Nils Larsch	4e2a0e58f2	ssl_create_cipher_list should return an error if no cipher could be collected (see SSL_CTX_set_cipher_list manpage). Fix handling of "cipher1+cipher2" expressions in ssl_cipher_process_rulestr PR: 836 + 1005	2005-06-08 21:13:52 +00:00
Dr. Stephen Henson	39d29195a7	Update from head.	2005-06-06 22:41:50 +00:00
Andy Polyakov	727c9b8027	Allow BIO_s_file to open and sequentially access files larger than 2GB on affected platforms. PR: 973	2005-06-06 12:05:12 +00:00
Andy Polyakov	bd4e9b0512	FAQ to mention no-sha512 as option for compilers without support for 64-bit integer type [from HEAD].	2005-06-06 09:33:45 +00:00
Richard Levitte	7844ff735f	Pass INSTALL_PREFIX in BUILDENV. PR: 1100	2005-06-06 08:52:32 +00:00
Richard Levitte	49e96badcf	Skipping all tests just because one algorithm is disabled seems a bit harsch. PR: 1089	2005-06-06 08:38:23 +00:00
Andy Polyakov	eb6a81bacc	Change mention of Makefile.ssl to Makefile.	2005-06-06 08:36:31 +00:00
Richard Levitte	6687f12988	Now that tagging is done, we can continue working.	2005-06-06 00:44:49 +00:00
Richard Levitte	fcd12fc0f1	Time to release 0.9.8 beta 4. The tag will be OpenSSL_0_9_8-beta4	2005-06-06 00:39:18 +00:00
Richard Levitte	0fb4d54068	Further change pq_compat.h to generate the flag macros PQ_64BIT_IS_INTEGER and PQ_64BIT_IS_BIGNUM with the values 0 (for false) and 1 (for true), depending on which is true. Use those flags everywhere else to provide the correct implementation for handling certain operations in q PQ_64BIT.	2005-06-06 00:32:30 +00:00
Richard Levitte	830a468a23	Document the change and update the release number.	2005-06-05 23:25:51 +00:00
Richard Levitte	af3ca7b4a9	Remove the incorrect installation of '%{openssldir}/lib'. PR: 1074	2005-06-05 23:15:29 +00:00
Richard Levitte	7a6bb17255	Change pq_compat.h to trust the macros defined by bn.h a bit more, and thereby provide better generic support for environments that do not have 64-bit integers. Among others, this should solve PR 1086	2005-06-05 22:43:08 +00:00
Richard Levitte	bc6d459a6e	gcc 2.95.3 on Ultrix supports long long. PR: 1091	2005-06-05 22:19:34 +00:00
Richard Levitte	ff7f34e353	Correct typo ia64.o -> bn-ia64.o. PR: 1094	2005-06-05 22:09:21 +00:00
Richard Levitte	2e3d79aaec	Add support for the new Intel compiler, icc. Submitted by Keith Thompson <kst@sdsc.edu> PR: 1095	2005-06-05 22:01:32 +00:00
Richard Levitte	8a41bcc934	Old typo... PR: 1097	2005-06-05 21:55:09 +00:00
Richard Levitte	e2414b41ad	Updated support for NetWare, submitted by Verdon Walker <VWalker@novell.com>. PR: 1098	2005-06-05 21:46:57 +00:00
Andy Polyakov	266958bce7	PROBLEMS to mention workarounds for ULTRIX build problems. PR: 1092	2005-06-05 18:07:47 +00:00
Richard Levitte	bc5354cbf0	The macro THREADS was changed to OPENSSL_THREADS a long time ago. PR: 1096	2005-06-04 08:44:08 +00:00
Dr. Stephen Henson	cc4997843e	Update from head.	2005-06-02 23:17:38 +00:00
Dr. Stephen Henson	ab95eac286	Typo.	2005-06-02 20:30:46 +00:00
Dr. Stephen Henson	1cd76233d1	Update CHANGES.	2005-06-02 20:09:43 +00:00
Andy Polyakov	3d5afc8b83	PSS update [from 0.9.7].	2005-06-02 18:29:21 +00:00
Richard Levitte	d28b7799dd	handshake_write_seq is an unsigned short, so treat it like one	2005-06-02 17:26:17 +00:00
Nils Larsch	b0fb889c29	check return value	2005-06-01 22:35:07 +00:00
Dr. Stephen Henson	460e80bd1d	Update from 0.9.7-stable	2005-06-01 22:14:41 +00:00
Richard Levitte	bc1e96e942	Synchronise yet a little more with the Unixly build	2005-06-01 16:24:20 +00:00
Nils Larsch	7ea61df414	clear error queue on success and return NULL if cert could be read PR: 1088	2005-06-01 08:31:22 +00:00
Nils Larsch	431712293d	fix assertion PR: 1072	2005-05-31 20:38:31 +00:00
Richard Levitte	335ed97263	Synchronise more with the Unix build	2005-05-31 20:28:55 +00:00
Nils Larsch	e00b165e9b	let "make all test" work with "no-aes" PR: 1078	2005-05-31 17:56:17 +00:00
Nils Larsch	5467ddf0e1	include opensslconf.h if OPENSSL_NO_* is used	2005-05-31 17:31:50 +00:00
Andy Polyakov	7a37dd92ed	"Show" more respect to no-sha* config options. PR: 1086	2005-05-31 16:33:43 +00:00
Ben Laurie	d0c11e9d72	Fix warnings.	2005-05-31 13:13:18 +00:00
Andy Polyakov	5ec52fee2c	Mention more GCC bugs in ./PROBLEMS.	2005-05-31 12:39:14 +00:00
Dr. Stephen Henson	5026bc13bb	file fips_rsa_x931g.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2005-05-31 12:38:01 +00:00
Dr. Stephen Henson	c7d27e5247	file fips_rsagtest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:22 +0000	2005-05-31 12:37:59 +00:00
Dr. Stephen Henson	b7d7af7ea9	file bn_x931p.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 22:54:29 +0000	2005-05-31 12:37:57 +00:00
Andy Polyakov	39663d2c40	Missing sparcv8.o rule. PR: 1082	2005-05-31 12:18:15 +00:00
Andy Polyakov	000299a0e6	Fix typo in ./config.	2005-05-31 11:31:07 +00:00
Andy Polyakov	0a47d82b9b	AMD64 OPENSSL_Uplink update.	2005-05-31 11:00:15 +00:00
Nils Larsch	198bcece58	fix warning	2005-05-31 09:55:13 +00:00
Andy Polyakov	053677d124	Improve ELF detection procedure on BSD targets. PR: 1079	2005-05-31 09:32:00 +00:00
Andy Polyakov	804072f014	Zap sco3. Submitted by: Tim Rice	2005-05-31 09:08:17 +00:00
Andy Polyakov	e9429b43ce	Default to no-sse2 no-sha512 on selected platforms.	2005-05-31 09:05:31 +00:00
Richard Levitte	3d37d5e24a	Forgottent make update. These files will be retagged.	2005-05-30 23:20:32 +00:00
Richard Levitte	2728a1b4f3	Forgottent needed changed. This file will be retagged.	2005-05-30 23:19:11 +00:00
Richard Levitte	adb040d4cb	Tagging done, moving up to next beta in development.	2005-05-30 23:07:30 +00:00
Richard Levitte	479d7934c0	Not quite right...	2005-05-30 22:59:22 +00:00
Richard Levitte	22d1acd5ac	Time to release the next beta (a few days late, sorry about that). The tag will be OpenSSL_0_9_8-beta3	2005-05-30 22:56:49 +00:00
Richard Levitte	b257c152c6	A couple more things were added.	2005-05-30 22:51:05 +00:00
Richard Levitte	77b97ee0d7	DJGPP changes. Contributed by Doug Kaufman <dkaufman@rahul.net>	2005-05-30 22:37:41 +00:00
Richard Levitte	e2ac4732cd	pqueue and dtls uses 64-bit values. Unfortunately, OpenSSL doesn't have a uniform representation for those over all architectures, so a little bit of hackery is needed. Contributed by nagendra modadugu <nagendra@cs.stanford.edu>	2005-05-30 22:34:28 +00:00
Richard Levitte	e8f665b495	Synchronise with Unixly build	2005-05-30 22:26:23 +00:00
Richard Levitte	55f3ef29ea	Change all relevant occurences of 'ncipher' to 'chil'. That's what nCipher always wanted...	2005-05-30 05:17:07 +00:00
Dr. Stephen Henson	c2d78c9623	Copy ordinals from 0.9.7 and update.	2005-05-30 00:28:38 +00:00
Geoff Thorpe	a4578a5413	Change the source and output paths for 'chil' and '4758cca' engines so that dynamic loading is consistent with respect to engine ids.	2005-05-29 19:16:26 +00:00
cvs2svn	e884fcf785	This commit was manufactured by cvs2svn to create branch 'OpenSSL_0_9_8-stable'.	2005-05-29 19:14:22 +00:00
Geoff Thorpe	a2c32e2d7f	Change the source and output paths for 'chil' and '4758cca' engines so that dynamic loading is consistent with respect to engine ids.	2005-05-29 19:14:21 +00:00
Richard Levitte	80b168a5a9	We have some source with \r\n as line ends. DEC C informs about that, and I really can't be bothered...	2005-05-29 12:13:51 +00:00
Richard Levitte	e96025755d	We have some source with \r\n as line ends. DEC C informs about that, and I really can't be bothered...	2005-05-29 12:13:20 +00:00
Richard Levitte	9426364be9	Typo	2005-05-29 12:11:50 +00:00
Richard Levitte	c9028b0ab5	Typo	2005-05-29 11:26:56 +00:00
Dr. Stephen Henson	b4d2858f95	Add PSS prototype to rsa.h	2005-05-28 20:50:11 +00:00
Dr. Stephen Henson	dea446d995	Update from 0.9.7-stable branch.	2005-05-28 20:49:09 +00:00
cvs2svn	5cd94f9e9d	This commit was manufactured by cvs2svn to create branch 'OpenSSL_0_9_8-stable'.	2005-05-28 20:44:38 +00:00
Dr. Stephen Henson	429168e7ee	Add pss/x931 files.	2005-05-28 20:44:37 +00:00
Dr. Stephen Henson	499fca2db3	Update from 0.9.7-stable. Also repatch and rebuild error codes.	2005-05-28 20:44:02 +00:00
Bodo Möller	cad811fc41	Use BN_with_flags() in a cleaner way.	2005-05-27 15:39:24 +00:00
Bodo Möller	a28a5d9c62	Use BN_with_flags() in a cleaner way.	2005-05-27 15:38:53 +00:00
Dr. Stephen Henson	3f791ca818	Assing check_{cert,crl}_time to 'ok' variable so it returns errors on expiry.	2005-05-27 13:19:25 +00:00
Dr. Stephen Henson	69f6a9f007	file fips_standalone_sha1.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000	2005-05-26 21:29:08 +00:00
Dr. Stephen Henson	4eeee0c59f	file fips_shatest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000	2005-05-26 21:29:06 +00:00
Dr. Stephen Henson	a5afa6c95f	file fips_sha1_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000	2005-05-26 21:29:04 +00:00
Dr. Stephen Henson	625dacb93d	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000	2005-05-26 21:29:02 +00:00
Dr. Stephen Henson	62e9c2e091	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:23 +0000	2005-05-26 21:29:00 +00:00
Bodo Möller	e4106a4e24	make sure DSA signing exponentiations really are constant-time	2005-05-26 04:40:57 +00:00
Bodo Möller	0ebfcc8f92	make sure DSA signing exponentiations really are constant-time	2005-05-26 04:40:52 +00:00
Bodo Möller	c61f571ce0	check BN_copy() return value	2005-05-26 04:30:49 +00:00
Bodo Möller	a506b8c7dd	check BN_copy() return value	2005-05-26 04:30:48 +00:00
Andy Polyakov	e5cd536894	Some assemblers are too rudimentary to understand dynamic labels.	2005-05-25 21:37:18 +00:00
Geoff Thorpe	60192e96b8	Handle differences between engine IDs and their dynamic library names (and source files, for that matter) by tolerating the alternatives. It would be preferable to also change the generated shared library names, but that will be taken up separately.	2005-05-25 02:54:28 +00:00
Geoff Thorpe	629ea39a88	Handle differences between engine IDs and their dynamic library names (and source files, for that matter) by tolerating the alternatives. It would be preferable to also change the generated shared library names, but that will be taken up separately.	2005-05-25 02:52:44 +00:00
Richard Levitte	7d9e1321c7	Forgot to change the version number itself.	2005-05-24 03:57:12 +00:00
Richard Levitte	83af7422a0	Tagging is done, we continue on beta3, which is planned to be released on Sunday May 29th.	2005-05-24 03:50:30 +00:00
Richard Levitte	ce8945f35c	Time to release the next beta. The tag will be OpenSSL_0_9_8-beta2.	2005-05-24 03:42:49 +00:00
Richard Levitte	dd890f0776	make update	2005-05-24 03:39:37 +00:00
Richard Levitte	af4ac437ab	It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 was still active when it came down to the functions. mkdef.pl should really be corrected, but that'll be another day...	2005-05-24 03:39:10 +00:00
Richard Levitte	85991994df	It seems like mkdef.pl couldn't quite understand that #ifdef OPENSSL_NO_SHA512 was still active when it came down to the functions. mkdef.pl should really be corrected, but that'll be another day...	2005-05-24 03:39:08 +00:00
Richard Levitte	607585fdaf	Typo correction	2005-05-24 03:27:57 +00:00
Richard Levitte	b325518f45	Typo correction	2005-05-24 03:27:15 +00:00
Richard Levitte	2f596aeef5	DEC C complains about bad subscript, but we know better, so let's shut it up.	2005-05-24 03:22:56 +00:00
Richard Levitte	b172dec864	DEC C complains about bad subscript, but we know better, so let's shut it up.	2005-05-24 03:22:53 +00:00
Dr. Stephen Henson	69762c75fa	Fix WIN32+KRB5 issues.	2005-05-23 00:32:55 +00:00
Andy Polyakov	61391e2314	Be more consistent with OPENSSL_NO_SHA256.	2005-05-22 10:27:59 +00:00
Andy Polyakov	36b29660ce	Be more consistent with OPENSSL_NO_SHA256.	2005-05-22 10:26:47 +00:00
Andy Polyakov	4976983f30	Disseminate BUILDENV even further.	2005-05-22 09:13:30 +00:00
Andy Polyakov	4b23506594	OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to make no-sha512 more effective on platforms, which don't support 64-bit integer type of any kind.	2005-05-22 08:55:15 +00:00
Andy Polyakov	31e4ad25ba	OPENSSL_NO_SHA512 to mask even SHA512_CTX declaration. This is done to make no-sha512 more effective on platforms, which don't support 64-bit integer type of any kind.	2005-05-22 08:52:12 +00:00
Andy Polyakov	225f4daf15	Still SEGV trouble in .init segment under Solaris x86...	2005-05-21 17:51:12 +00:00
Andy Polyakov	82d3dda8a1	Still SEGV trouble in .init segment under Solaris x86...	2005-05-21 17:49:10 +00:00
Richard Levitte	b9927cfa2d	When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe <dwolfe5272@yahoo.com>	2005-05-21 17:39:53 +00:00
Richard Levitte	fe8bf9560d	When _XOPEN_SOURCE is defined, make sure it's defined to 500. Required in http://www.opengroup.org/onlinepubs/007908799/xsh/compilation.html. Notified by David Wolfe <dwolfe5272@yahoo.com>	2005-05-21 17:39:43 +00:00
Andy Polyakov	af6cafc603	Default to no-sse2 on selected platforms.	2005-05-21 16:52:30 +00:00
Andy Polyakov	e4c9b85e65	Default to no-sse2 on selected platforms.	2005-05-21 16:50:27 +00:00
Richard Levitte	447aa49007	Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>	2005-05-21 16:41:34 +00:00
Richard Levitte	15da07d436	Patches for Cygwin, provided by Corinna Vinschen <vinschen@redhat.com>	2005-05-21 16:37:41 +00:00
Ben Laurie	fe977f7512	Propagate BUILDENV into subdirectories.	2005-05-21 16:13:36 +00:00
Andy Polyakov	886ed3544b	Move _WIN32_WINNT definition from command line to e_os.h [from HEAD].	2005-05-21 13:19:46 +00:00
Andy Polyakov	e476f94212	Move _WIN32_WINNT definition from command line to e_os.h. The change is inspired by VC6 failure report. In addition abstain from taking screen snapshots when running in NT service context.	2005-05-21 13:19:27 +00:00
Nils Larsch	aff2922f9a	fix typo, add prototype	2005-05-20 23:01:31 +00:00
Nils Larsch	bbbd67108f	fix typo, add prototype	2005-05-20 22:55:10 +00:00
Nils Larsch	f32e0035a3	fix potential memory leak Submitted by: Goetz Babin-Ebell	2005-05-19 22:11:22 +00:00
Nils Larsch	7f246621b5	fix potential memory leak Submitted by: Goetz Babin-Ebell	2005-05-19 22:10:40 +00:00
Nils Larsch	b67d988915	update ecdsa doc	2005-05-19 20:54:30 +00:00
Nils Larsch	7b1e7706d8	update ecdsa doc	2005-05-19 20:54:22 +00:00
Andy Polyakov	cd74dda72a	FAQ to mention no-sse2.	2005-05-19 19:57:27 +00:00
Andy Polyakov	851e31ff07	FAQ to mention no-sse2.	2005-05-19 19:54:49 +00:00
Richard Levitte	032bb2a2c5	Tagging of 0.9.8-beta1 is done, time to update the version numbers to the next beta (beta2).	2005-05-19 19:45:53 +00:00
Richard Levitte	decc9ffc18	Update status information	2005-05-19 19:43:28 +00:00
Richard Levitte	fa96ed06d2	Update version information.	2005-05-19 19:42:04 +00:00
Richard Levitte	43133041c9	'make update' with a default configuration.	2005-05-19 19:31:53 +00:00
Richard Levitte	e0ee5ea962	Added news items for OpenSSL 0.9.8.	2005-05-19 19:12:36 +00:00
Nils Larsch	3f4657d131	fix "dereferencing type-punned pointer will break strict-aliasing rules" warning when using gcc 4.0	2005-05-19 12:01:51 +00:00
Nils Larsch	f5634286a3	fix "dereferencing type-punned pointer will break strict-aliasing rules" warning when using gcc 4.0	2005-05-19 11:59:35 +00:00
Dr. Stephen Henson	97d37c1c1e	Recognize new macros.	2005-05-19 11:51:43 +00:00
Andy Polyakov	739b139cb2	Propogate BUILDENV even in ./engines.	2005-05-19 02:13:10 +00:00
Andy Polyakov	0bc9920ad4	Stringify substitutions [some shells require it].	2005-05-19 02:08:01 +00:00
Andy Polyakov	3f516ce837	SysV make [or least some of them] don't propogate command line macros to recursively called make. So let's pass down BUILDENV as value too...	2005-05-19 01:48:46 +00:00
Nils Larsch	67ffa18cce	make the type parameter const when ID2_OF_const() is used	2005-05-18 22:30:38 +00:00
Nils Larsch	9f197f9da5	make the type parameter const when ID2_OF_const() is used	2005-05-18 22:29:17 +00:00
Andy Polyakov	3dc2cc36e9	FAQ update to mention Applink [from HEAD].	2005-05-18 13:37:20 +00:00
Andy Polyakov	788e67e227	FAQ update to mention Applink.	2005-05-18 13:35:54 +00:00
Andy Polyakov	ca3e683747	Don't emit SSE2 instructions unless were asked to [from HEAD]. PR: 1073	2005-05-18 08:45:21 +00:00
Andy Polyakov	c50226594d	Don't emit SSE2 instructions unless were asked to. PR: 1073	2005-05-18 08:42:08 +00:00
Andy Polyakov	38a1757168	Engage Applink in mingw. [from HEAD]	2005-05-18 08:17:29 +00:00
Andy Polyakov	51ff6bde38	Engage Applink in mingw. Note that application-side module is not compiled into our aplpications. That's because mingw is always consistent with itself. Having library-side code linked into .dll makes it possible to deploy the .dll with user-code compiled with another compiler [which is pretty much the whole point behind Applink].	2005-05-18 08:16:46 +00:00
Richard Levitte	4104a57107	OpenSSL 0.9.8 has just entered beta status. Not quite releasing yet, since I need to write a NEWS entry. This means we're in feature freeze. HEAD is now 0.9.9-dev.	2005-05-18 04:14:22 +00:00
Richard Levitte	28e4fe34e4	Version changes where needed.	2005-05-18 04:04:12 +00:00
Richard Levitte	c800a070b5	I just branched 0.9.8, so HEAD needs to be bumped to 0.9.9-dev. The 0.9.8 branch is called OpenSSL_0_9_8-stable.	2005-05-18 03:58:34 +00:00
cvs2svn	b0c0f20071	This commit was manufactured by cvs2svn to create branch 'OpenSSL_0_9_8-stable'.	2005-05-17 16:50:47 +00:00
Andy Polyakov	53d8996764	Engage Applink for VC builds.	2005-05-17 16:50:46 +00:00
Andy Polyakov	32b1843ec6	Keep disclaming 16-bit support.	2005-05-17 13:51:36 +00:00
Nils Larsch	8712009778	simplify EC_KEY_dup	2005-05-17 12:23:16 +00:00
Andy Polyakov	b8994f44e7	mdc2test is not built by default anymore.	2005-05-17 06:57:45 +00:00
Bodo Möller	f468e3824a	fix memory leak (BIO_free_all needs pointer to first BIO) PR: 1070	2005-05-17 05:52:24 +00:00
Andy Polyakov	ea1b02db6a	OPENSSL_Applink update.	2005-05-17 00:08:28 +00:00
Andy Polyakov	2c4b354d32	Disclaim 16-bit support.	2005-05-17 00:07:13 +00:00
Andy Polyakov	25a66ee3cb	Move cryptlib.h prior bio.h. Actually it makes sense to include cryptlib.h first everywhere in crypto and skip stdio.h and string.h [because it includes them].	2005-05-17 00:01:48 +00:00
Andy Polyakov	0978dec131	Improve shell portability of new rules in Makefile.shared.	2005-05-16 21:05:09 +00:00
Bodo Möller	91b17fbad4	Change wording for BN_mod_exp_mont_consttime() entry	2005-05-16 19:14:34 +00:00
Andy Polyakov	ce92b6eb9c	Further BUILDENV refinement, further fool-proofing of Makefiles and [most importantly] put back dependencies accidentaly eliminated in check-in #13342.	2005-05-16 16:55:47 +00:00
Andy Polyakov	7abbffc3fb	Further BUILDENV clean-up, 'make depend' is operational again.	2005-05-16 14:24:45 +00:00
Nils Larsch	9dd8405341	ecc api cleanup; summary: - hide the EC_KEY structure definition in ec_lcl.c + add some functions to use/access the EC_KEY fields - change the way how method specific data (ecdsa/ecdh) is attached to a EC_KEY - add ECDSA_sign_ex and ECDSA_do_sign_ex functions with additional parameters for pre-computed values - rebuild libeay.num from 0.9.7	2005-05-16 10:11:04 +00:00
Bodo Möller	46a643763d	Implement fixed-window exponentiation to mitigate hyper-threading timing attacks. BN_FLG_EXP_CONSTTIME requests this algorithm, and this done by default for RSA/DSA/DH private key computations unless RSA_FLAG_NO_EXP_CONSTTIME/DSA_FLAG_NO_EXP_CONSTTIME/ DH_FLAG_NO_EXP_CONSTTIME is set. Submitted by: Matthew D Wood Reviewed by: Bodo Moeller	2005-05-16 01:43:31 +00:00
Bodo Möller	92c4468572	rebuild to synchronize with additions to 0.9.7 branch	2005-05-16 00:29:29 +00:00
Bodo Möller	10cde5010d	make update	2005-05-16 00:27:37 +00:00
Andy Polyakov	c4cd925cc0	Make Makefile.shared quiet again.	2005-05-16 00:01:49 +00:00
Andy Polyakov	f210eb7b89	Simplify shared rules, link run-path into applications only.	2005-05-15 23:59:04 +00:00
Andy Polyakov	734540f887	Consolidate BUILDENV [idea is to keep all variables in one place].	2005-05-15 23:53:34 +00:00
Andy Polyakov	804515425a	+20% performance improvement of P4-specific RC4_CHAR loop.	2005-05-15 22:43:00 +00:00
Andy Polyakov	81a86fcf17	Fool-proofing Makefiles	2005-05-15 22:23:26 +00:00
Dr. Stephen Henson	a534bb09d3	Make update.	2005-05-15 00:56:47 +00:00
Dr. Stephen Henson	b6995add5c	Make -CSP option work again in pkcs12 utility by checking for attribute in EVP_PKEY structure.	2005-05-15 00:54:45 +00:00
Dr. Stephen Henson	8ccd06c66c	openssl_fcast should always be defined, not just with DEBUG_SAFESTACK	2005-05-14 12:58:20 +00:00
Dr. Stephen Henson	fe86616c72	Some C compilers produce warnings or compilation errors if an attempt is made to directly cast a function of one type to what it considers and incompatible type. In particular gcc 3.4.2. Add new openssl_fcast macro to place functions into a form where the compiler will allow them to be cast. The current version achives this by casting to: void function(void).	2005-05-12 23:01:44 +00:00
Dr. Stephen Henson	ba2ba27008	Avoid warnings.	2005-05-12 22:40:19 +00:00
Dr. Stephen Henson	f795123c4a	Fix from stable branch.	2005-05-12 22:39:42 +00:00
Dr. Stephen Henson	c596c795bf	Typo.	2005-05-12 17:28:53 +00:00
Bodo Möller	3f19bbf4e3	fix msg_callback() arguments for SSL 2.0 compatible client hello (previous revision got this wrong)	2005-05-12 06:24:25 +00:00
Bodo Möller	b874ce4dc2	Move another item into ChangeLog.0_9_7-stable_not-in-head_FIPS	2005-05-11 18:36:47 +00:00
Bodo Möller	c6c2e3135d	Don't use the SSL 2.0 Client Hello format if SSL 2.0 is disabled with the SSL_OP_NO_SSLv2 option.	2005-05-11 18:25:49 +00:00
Ben Laurie	4b26fe30de	There must be an explicit way to build the .o!	2005-05-11 16:39:05 +00:00
Bodo Möller	4a8224b598	Move some entries from ChangeLog.0_9_7-stable_not-in-head to ChangeLog.0_9_7-stable_not-in-head_FIPS.	2005-05-11 03:54:21 +00:00
Bodo Möller	8afca8d9c6	Fix more error codes. (Also improve util/ck_errf.pl script, and occasionally fix source code formatting.)	2005-05-11 03:45:39 +00:00
Nils Larsch	35e8510e60	use 'p' as conversion specifier for printf to avoid truncation of pointers on 64 bit platforms. Patch supplied by Daniel Gryniewicz via Mike Frysinger <vapier@gentoo.org>. PR: 1064	2005-05-10 11:55:28 +00:00
Nils Larsch	8b15c74018	give EC_GROUP_new_by_nid a more meanigful name: EC_GROUP_new_by_nid -> EC_GROUP_new_by_curve_name	2005-05-10 11:37:47 +00:00
Nils Larsch	3afa6cf866	improve command line argument checking PR: 1061	2005-05-10 09:51:29 +00:00
Andy Polyakov	e19e549041	Comply with optimization manual (no data should share cache-line with code).	2005-05-09 21:48:01 +00:00
Andy Polyakov	d7561ac576	Allow for 64-bit cache-line alignments in code segment.	2005-05-09 21:27:40 +00:00
Dr. Stephen Henson	7870774162	file fips_hmac_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000	2005-05-09 19:22:15 +00:00
Bodo Möller	fbeaa3c47d	Update util/ck_errf.pl script, and have it run automatically during "make errors" and thus during "make update". Fix lots of bugs that util/ck_errf.pl can detect automatically. Various others of these are still left to fix; that's why "make update" will complain loudly when run now.	2005-05-09 00:27:37 +00:00
Bodo Möller	ee2262b8d7	rebuild (starting with state from 0.9.7-stable branch) to avoid clutter	2005-05-09 00:22:02 +00:00
Bodo Möller	b0ac0a8ef8	improve comment readability	2005-05-09 00:06:54 +00:00
Bodo Möller	0f4499360e	give EC_GROUP_*_nid functions a more meaningful name EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name	2005-05-09 00:05:17 +00:00
Nils Larsch	7dc17a6cf0	give EC_GROUP_*_nid functions a more meaningful name EC_GROUP_get_nid -> EC_GROUP_get_curve_name EC_GROUP_set_nid -> EC_GROUP_set_curve_name	2005-05-08 22:09:12 +00:00
Andy Polyakov	b6223d2f70	Eliminate "statement with no effect" warning when OPENSSL_assert macro is used with constant assertion.	2005-05-08 19:54:33 +00:00
Dr. Stephen Henson	4213cdaf5d	file fips_rngvs.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2005-05-07 22:06:43 +00:00
Dr. Stephen Henson	39b4c974ee	file fips_rand_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2005-05-07 22:06:41 +00:00
Richard Levitte	256b5d5877	I was incorrect about VMS/Alpha. Defining BN_LLONG with SIXTY_FOUR_BIT could cause havoc, so don't (it's lucky bn.h undefines BN_LLONG when SIXTY_FOUR_BIT is defined).	2005-05-07 21:21:17 +00:00
Dr. Stephen Henson	508f56f17c	file fips_rsastest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:22 +0000	2005-05-07 12:50:26 +00:00
Andy Polyakov	5d0d60e2f5	x86_64 assembler translator update.	2005-05-07 08:13:51 +00:00
Andy Polyakov	57ee007035	Fix constants. PR: 1059	2005-05-07 08:11:50 +00:00
Richard Levitte	82e8cb403a	Since BN_LLONG will only be defined for Alpha/VMS and not VAX/VMS, there's no need to undefine it here. Then, let's get a bit paranoid and not define BN_ULLONG on THIRTY_TWO_BIT machines when BN_LLONG isn't defined.	2005-05-06 13:34:35 +00:00
Richard Levitte	abee01c6f8	Actually, C on VMS/Alpha knows very well what a long long is, and knows how to make use of it. So let's stop pretending the Alpha doesn't know long long...	2005-05-06 13:33:16 +00:00
Dr. Stephen Henson	48665b7c99	file fips_rsavtest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:22 +0000	2005-05-05 21:46:28 +00:00
Nils Larsch	2c288b2a7e	fix compiler warning; pow10 is also in math.h	2005-05-05 20:57:37 +00:00
Richard Levitte	831721ef49	A few more fingerprints...	2005-05-05 06:38:55 +00:00
Andy Polyakov	0ee883650d	Commentary update motivating code update in 0.9.7.	2005-05-04 14:51:38 +00:00
Andy Polyakov	70cf309517	x86_64 assembler translator update.	2005-05-04 08:42:47 +00:00
Andy Polyakov	8b5bf52ac2	Cvs missed adapted module itself, here it goes...	2005-05-03 23:03:31 +00:00
Andy Polyakov	73a9485081	Engage md5-x86_64 assembler module.	2005-05-03 22:59:17 +00:00
Andy Polyakov	d37a65bc81	Throw in md5-x86_64 assembler.	2005-05-03 22:56:15 +00:00
Andy Polyakov	34c7ff6dc9	Cygwin doesn't expose Win32 [not "officially"].	2005-05-03 21:20:17 +00:00
Andy Polyakov	647907918d	Commentary update.	2005-05-03 21:16:42 +00:00
Andy Polyakov	cee73df3bd	Cpuid modules updates.	2005-05-03 21:05:06 +00:00
Nils Larsch	07481951f9	remove false positive	2005-05-03 20:58:24 +00:00
Nils Larsch	f15c448a72	remove BN_ncopy, it was only used in bn_nist.c and wasn't particular useful anyway	2005-05-03 20:27:00 +00:00
Nils Larsch	fcb41c0ee8	rewrite of bn_nist.c, disable support for some curves on 64 bit platforms for now (it was broken anyway)	2005-05-03 20:23:33 +00:00
Nils Larsch	9b62318311	fix typo PR: 1054	2005-05-03 18:34:01 +00:00
Dr. Stephen Henson	51971f7293	file fips_hmactest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000	2005-05-03 17:07:54 +00:00
Andy Polyakov	5f1841cdca	Rename amd64 modules to x86_64 and update RC4 implementation.	2005-05-03 15:42:05 +00:00
Andy Polyakov	4b45051902	x86_64 assembler translator update.	2005-05-03 15:35:14 +00:00
Nils Larsch	9e5790ce21	backport fix from the stable branch	2005-05-03 10:00:16 +00:00
Dr. Stephen Henson	3d3addb252	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000	2005-05-02 23:06:04 +00:00
Dr. Stephen Henson	3f8bdd1fdb	file fips_hmac.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000	2005-05-02 23:04:19 +00:00
Dr. Stephen Henson	6181fd949f	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:17 +0000	2005-05-02 23:04:16 +00:00
Ben Laurie	fce8c6cc53	Redundant changes.	2005-05-01 13:55:41 +00:00
Ben Laurie	0ff469d38d	Add prototype.	2005-05-01 13:49:56 +00:00
Dr. Stephen Henson	05338b58ce	Support for smime-type MIME parameter.	2005-05-01 12:46:57 +00:00
Andy Polyakov	081057c3ff	Remove false positives and resolve some of remaining ones.	2005-04-30 23:48:17 +00:00
Andy Polyakov	94c1672ef0	Cygwin/mingw sync with stable.	2005-04-30 23:45:53 +00:00
Andy Polyakov	405d9761a5	Allow for ./config no-sha0 [from stable].	2005-04-30 21:51:41 +00:00
Andy Polyakov	4c3a2d64e4	Fold rules in test/Makefiles [from stable].	2005-04-30 21:39:39 +00:00
Dr. Stephen Henson	98a2fd32a0	Typo.	2005-04-30 18:07:30 +00:00
Dr. Stephen Henson	7bdeeb64ac	Don't attempt to parse nested ASN1 strings by default.	2005-04-30 18:02:54 +00:00
Richard Levitte	43b45a42fd	Some true positives fixed, toss some false positives.	2005-04-30 15:25:04 +00:00
Richard Levitte	9af1bfb3d5	From branch OpenSSL_0_9_7-stable, 2004-09-11 11:45: Makefile.ssl changed name to Makefile...	2005-04-30 15:23:14 +00:00
Richard Levitte	aed14edd12	From branch OpenSSL_0_9_7-stable, 2004-08-11 22:34: Another missing module in the VMS build files.I believe this is the last, though...	2005-04-30 15:21:40 +00:00
Richard Levitte	14a948e6ad	All kinds of changes from branch OpenSSL_0_9_7-stable	2005-04-30 15:17:05 +00:00
Richard Levitte	af2fcf3a65	This one deserves a note. In the change to CHANGES, there's the following: + NOTE: This is for the 0.9.7 series ONLY. This hack will never + appear in 0.9.8 or later. We EXPECT application authors to have + dealt properly with this when 0.9.8 is released (unless we actually + make such changes in the libcrypto locking code that changes will + have to be made anyway). That makes this one a false positive.	2005-04-30 14:41:51 +00:00
Richard Levitte	4a676ac4f8	Remove a bunch of false positives, and fix some true positives.	2005-04-30 14:40:19 +00:00
Richard Levitte	37e27219f2	From branch OpenSSL_0_9_7-stable, 2002-11-13 15:30: The loading functions should be static if we build a dynamic engine.	2005-04-30 14:34:28 +00:00
Richard Levitte	d2284ab5d1	Remove a bunch of false positives, fix one true positive.	2005-04-30 13:50:57 +00:00
Richard Levitte	78e91e7574	From branch OpenSSL_0_9_7-stable, revision 1.1.4.1, 2002-05-23 17:25: Forgot this file.	2005-04-30 13:42:02 +00:00
Dr. Stephen Henson	e1cc0671ac	Use more efficient way to locate end of an ASN1 structure.	2005-04-30 13:06:45 +00:00
Nils Larsch	c1a8a5de13	don't let BN_CTX_free(NULL) segfault	2005-04-29 21:20:31 +00:00
Nils Larsch	e3d0e0a792	remove false positive	2005-04-29 20:41:38 +00:00
Nils Larsch	7c7667b86b	check return value of RAND_pseudo_bytes; backport from the stable branch	2005-04-29 20:10:06 +00:00
Nils Larsch	38be5db93b	remove some false positive	2005-04-29 19:24:50 +00:00
Nils Larsch	6a50d0a422	hide the definition of ECDSA_METHOD and ECDSA_DATA (and mutatis mutandis for ecdh)	2005-04-29 15:56:06 +00:00
Nils Larsch	7ab2d30349	add 192 bit prime curve to the command line options	2005-04-29 15:21:09 +00:00
Nils Larsch	d753c3f582	add reference to BN_BLINDING_new.pod	2005-04-29 15:07:34 +00:00
Nils Larsch	1897c89302	avoid warnings when building on systems where sizeof(void *) > sizeof(int)	2005-04-29 14:26:59 +00:00
Andy Polyakov	3cc54008eb	Pointer to BN_MONT_CTX could be used uninitialized.	2005-04-28 08:49:01 +00:00
Richard Levitte	ff8bcccdd4	Synchronise with Unix build system.	2005-04-28 04:55:28 +00:00
Dr. Stephen Henson	a93b01be57	Increase offset for BIO_f_enc() to avoid problems with overlapping buffers when decrypting data.	2005-04-28 00:21:29 +00:00
Dr. Stephen Henson	04b304d346	Update default dependency flags.	2005-04-27 16:32:30 +00:00
Dr. Stephen Henson	6c61726b2a	Lots of Win32 fixes for DTLS. 1. "unsigned long long" isn't portable changed: to BN_ULLONG. 2. The LL prefix isn't allowed in VC++ but it isn't needed where it is used. 2. Avoid lots of compiler warnings about signed/unsigned mismatches. 3. Include new library directory pqueue in mk1mf build system. 4. Update symbols.	2005-04-27 16:27:14 +00:00
Nils Larsch	cd202fe2f9	get rid of Makefile.ssl in util/	2005-04-27 08:56:15 +00:00
Nils Larsch	69af4faec1	no Makefile.ssl anymore	2005-04-27 08:48:55 +00:00
Nils Larsch	df9e0bf507	add missing parentheses	2005-04-27 07:57:50 +00:00
Dr. Stephen Henson	879b19801a	Change method_mont_p from (char ) to (BN_MONT_CTX ) and remove several casts.	2005-04-27 00:04:59 +00:00
Dr. Stephen Henson	6ec8e63af6	Port BN_MONT_CTX_set_locked() from stable branch. The function rsa_eay_mont_helper() has been removed because it is no longer needed after this change.	2005-04-26 23:58:54 +00:00
Dr. Stephen Henson	465b9f6b26	Stop unused variable warning.	2005-04-26 23:45:49 +00:00
Dr. Stephen Henson	0c9c87a76e	Remove more false positives.	2005-04-26 23:33:47 +00:00
Bodo Möller	a7a90b2f00	there's no such thing as Makefile.ssl anymore	2005-04-26 23:22:49 +00:00
Bodo Möller	4d6e7733fa	util/mk1mf.pl issues have been resolved	2005-04-26 23:22:25 +00:00
Dr. Stephen Henson	2deadf1672	Port from stable branch.	2005-04-26 23:21:49 +00:00
Dr. Stephen Henson	9ea862e0b3	More false positives and cases covered by port of prime.c	2005-04-26 23:19:21 +00:00
Bodo Möller	11c9b7cfeb	"PS" to Steve's commit (Port prime utility across from stable branch).	2005-04-26 23:11:05 +00:00
Dr. Stephen Henson	b08868c48a	Port prime utility across from stable branch.	2005-04-26 23:02:52 +00:00
Nils Larsch	9ca46ff609	add docu for BN_BLINDING functions	2005-04-26 22:33:36 +00:00
Nils Larsch	800e400de5	some updates for the blinding code; summary: - possibility of re-creation of the blinding parameters after a fixed number of uses (suggested by Bodo) - calculatition of the rsa::e in case it's absent and p and q are present (see bug report #785) - improve the performance when if one rsa structure is shared by more than a thread (see bug report #555) - fix the problem described in bug report #827 - hide the definition ot the BN_BLINDING structure in bn_blind.c	2005-04-26 22:31:48 +00:00
Dr. Stephen Henson	05886a6f77	Remove more false positives.	2005-04-26 22:25:10 +00:00
Dr. Stephen Henson	667aef4c6a	Port from stable branch.	2005-04-26 22:07:17 +00:00
Dr. Stephen Henson	49e179cc52	Remove more false positives.	2005-04-26 22:05:19 +00:00
Bodo Möller	aa4ce7315f	Fix various incorrect error function codes. ("perl util/ck_errf.pl /.c //*.c" still reports many more.)	2005-04-26 18:53:22 +00:00
Bodo Möller	c741b83762	take OPENSSL_NO_DGRAM into account (via make update)	2005-04-26 18:48:02 +00:00
Bodo Möller	64387788a9	let mkdef.pl know about OPENSSL_NO_DGRAM (which appears in the new file crypto/bio/bss_dgram.c)	2005-04-26 18:21:25 +00:00
Bodo Möller	480506bd49	remove some functions from exported headers	2005-04-26 18:18:35 +00:00
Bodo Möller	0d5ea7613e	make update	2005-04-26 18:09:21 +00:00
Bodo Möller	beb056b303	fix SSLerr stuff for DTLS1 code; move some functions from exported header <openssl/dtl1.h> into "ssl_locl.h"; fix silly indentation (a TAB is not always 4 spaces)	2005-04-26 18:08:00 +00:00
Dr. Stephen Henson	4e321ffaff	Fixes for signed/unsigned warnings and shadows.	2005-04-26 17:43:53 +00:00
Dr. Stephen Henson	6ededa42db	False positive removed.	2005-04-26 17:37:21 +00:00
Ben Laurie	36d16f8ee0	Add DTLS support.	2005-04-26 16:02:40 +00:00
Ben Laurie	ab781a0cb6	make depend.	2005-04-26 13:56:36 +00:00
Nils Larsch	19c2987eb6	remove false positive	2005-04-26 08:17:58 +00:00
Bodo Möller	b09af97686	some more false positives to remove	2005-04-25 23:19:07 +00:00
Bodo Möller	a7b1c7732f	make update	2005-04-25 23:17:30 +00:00
Bodo Möller	abc64463af	move some more entries into FIPS file	2005-04-25 23:16:58 +00:00
Bodo Möller	2e7245f5a3	Use OPENSSL_NO_CAST, not OPENSSL_NO_CAST5 in e_old.c PR: 959	2005-04-25 23:09:00 +00:00
Bodo Möller	f76b062e16	Remove some more entries that are false positives, or have been resolved by recent commits.	2005-04-25 23:06:15 +00:00
Bodo Möller	cc1717eaa4	Sort out changes in FIPS and other changes, collected in separate files. (Also remove another "make update".)	2005-04-25 22:55:24 +00:00
Bodo Möller	c5156d952e	remove some more false positives	2005-04-25 22:08:13 +00:00
Bodo Möller	0b2d0d7d13	remove some more false positives	2005-04-25 22:02:34 +00:00
Bodo Möller	b732a8cf5f	remove some more changes that came from HEAD	2005-04-25 21:54:14 +00:00
Bodo Möller	a7dc451ebe	fix editing error, and remove a false positive	2005-04-25 21:53:08 +00:00
Bodo Möller	87357fc0b8	update	2005-04-25 21:42:14 +00:00
Bodo Möller	a2c96d888d	remove extra whitespace; fix link	2005-04-25 21:36:56 +00:00
Bodo Möller	9a6c6b99bf	remove some false positives	2005-04-25 21:32:52 +00:00
Bodo Möller	033c79dff1	add recent changes; now this file is up-to-date	2005-04-25 21:25:48 +00:00
Bodo Möller	b362536275	bring up-to-date	2005-04-25 21:22:08 +00:00
Bodo Möller	aa16a28631	first step to melt down ChangeLog.0_9_7-stable_not-in-head :-)	2005-04-25 21:06:05 +00:00
Bodo Möller	2757c67da2	This is a collection of those CVS change log entries for the 0.9.7 branch (OpenSSL_0_9_7-stable) that do not appear similarly in 0.9.8-dev (CVS head). Some obvious false positives have been eliminated: e.g., we do not care about a simple "make update"; and we don't care about changes identified to the 0.9.7 branch that were explicitly identified as backports from head. Eliminating all other entries (and finally this file), either as false positives or as things that should go into 0.9.8, remains to be done.	2005-04-25 21:01:31 +00:00
Andy Polyakov	3d5fd31280	Avoid L1 cache aliasing even between key and S-boxes.	2005-04-24 21:09:20 +00:00
Ben Laurie	c7199e62f1	Flag changes in Configure and config, too. Update dependencies.	2005-04-24 12:02:49 +00:00
Nils Larsch	0b3fc6e63b	update	2005-04-24 09:17:48 +00:00
Dr. Stephen Henson	c2db9cfb52	Oops...	2005-04-24 02:24:53 +00:00
Dr. Stephen Henson	6bc8e6b898	Recognize zlib and krb5 options in mk1mf.pl	2005-04-24 02:21:02 +00:00
Nils Larsch	9edf4e8157	make asn.1 field names const	2005-04-23 13:45:49 +00:00
Nils Larsch	965a1cb92e	change prototype of the ecdh KDF: make input parameter const and the outlen argument more flexible	2005-04-23 10:11:16 +00:00
Ben Laurie	e9ad6665a5	Add debug target, remove cast, note possible bug.	2005-04-23 06:05:24 +00:00
Ben Laurie	b5855b2f32	Add prototypes.	2005-04-22 23:57:46 +00:00
Nils Larsch	a0bee97e55	more const	2005-04-22 21:57:36 +00:00
Nils Larsch	e7076c5a80	make update	2005-04-22 20:17:17 +00:00
Nils Larsch	ff22e913a3	- use BN_set_negative and BN_is_negative instead of BN_set_sign and BN_get_sign - implement BN_set_negative as a function - always use "#define BN_is_zero(a) ((a)->top == 0)"	2005-04-22 20:02:44 +00:00
Andy Polyakov	04d0d0accf	Avoid aliasing between stack frames and S-boxes. Compress prefetch code.	2005-04-22 11:49:32 +00:00
Nils Larsch	00df894701	the pointer to the message digest is const	2005-04-21 09:43:09 +00:00
Richard Levitte	630e4a6e59	Provide a default OPENSSL_ia32cap_loc for non-Intel platforms where util/libeay.num is important when building shared libraries, like VMS.	2005-04-21 09:10:19 +00:00
Dr. Stephen Henson	bf2336f478	Don't use standard kerberos library locations in MK1MF builds. Fix typo in mk1mf.pl	2005-04-21 00:46:28 +00:00
Dr. Stephen Henson	384dba6edb	Make kerberos ciphersuite code compile again. Avoid more shadow warnings.	2005-04-20 21:48:48 +00:00
Dr. Stephen Henson	2c45bf2bc9	Rename typed version of M_ASN1_get M_ASN1_get_x to avoid conflicts. Remove more bogus shadow warnings.	2005-04-20 21:48:06 +00:00
Dr. Stephen Henson	836ec0c764	Stop compiler warnings about deprecated lvalue casts.	2005-04-20 21:39:13 +00:00
Dr. Stephen Henson	5e72fb063a	Stop bogus shadowing warning.	2005-04-20 21:34:29 +00:00
Dr. Stephen Henson	2dc08d5f5d	Process MINFO file earlier in mk1mf.pl so it can modify variables like CFLAGS. Process kerberos include and library options.	2005-04-20 16:22:58 +00:00
Dr. Stephen Henson	00b8abee61	Handle similar mk1mf.pl options with a hash table.	2005-04-20 16:01:50 +00:00
Richard Levitte	7efebab9fd	signed vs. unsigned.	2005-04-20 13:21:10 +00:00
Richard Levitte	a74286d636	Make sure id2_func is properly cast as well...	2005-04-20 13:17:42 +00:00
Richard Levitte	254cfe878e	signed vs. unsigned.	2005-04-20 13:12:33 +00:00
Richard Levitte	ed824195a1	Avoid compiler complaint about mismatched function signatures (void * != char *)	2005-04-20 13:09:46 +00:00
Richard Levitte	22c3600e4c	Resolve signed vs. unsigned.	2005-04-20 12:55:15 +00:00
Richard Levitte	49f386578e	Type mismatch detected by DEC C compiler. void* != void**	2005-04-20 12:53:50 +00:00
Richard Levitte	7c671508bd	Avoid compiler complaint about mismatched function signatures (void * != RSA *)	2005-04-20 10:02:16 +00:00
Dr. Stephen Henson	d3fdc27aa8	Fix logic in mkdef.pl function is_valid. Update symbols	2005-04-19 23:54:44 +00:00
Dr. Stephen Henson	40e950aed6	Stop perl warning.	2005-04-19 18:57:17 +00:00
Dr. Stephen Henson	987bebaf8c	New "algorithm define" OPENSSL_NO_GMP. Update mkdef.pl and Configure script to use it.	2005-04-19 13:24:44 +00:00
Dr. Stephen Henson	65f0efe198	Ignore TYPEDEF_OF in mkdef.pl	2005-04-19 11:49:25 +00:00
Dr. Stephen Henson	e77d8f2ecd	Update year.	2005-04-19 00:15:18 +00:00
Dr. Stephen Henson	f68854b4c3	Various Win32 and other fixes for warnings and compilation errors. Fix Win32 build system to use 'Makefile' instead of 'Makefile.ssl'.	2005-04-19 00:12:36 +00:00
Andy Polyakov	1cfd258ed6	Throw in x86_64 AT&T to MASM assembler converter to facilitate development of dual-ABI Unix/Win64 modules.	2005-04-17 21:05:57 +00:00
Dr. Stephen Henson	04d7d51ea2	Fix from stable branch.	2005-04-17 13:59:36 +00:00
Richard Levitte	2906dc8601	Synchronise with ec/Makefile.	2005-04-17 09:07:37 +00:00
Andy Polyakov	c8d5c71af5	Mitigate cache-timing attack in CBC mode. This is done by implementing compressed tables (2x compression factor) and by pre-fetching them into processor cache prior every CBC en-/decryption pass. One can argue why just CBC? Well, it's commonly used mode in real-life applications and API allows us to amortize the prefetch costs for larger data chunks...	2005-04-16 15:23:21 +00:00
Nils Larsch	ff990440ee	const fixes	2005-04-15 18:29:33 +00:00
Nils Larsch	0e304b7f41	EVP_CIPHER_CTX_init is a void function + fix typo PR: 1044 + 1045	2005-04-15 16:01:35 +00:00
Dr. Stephen Henson	fbe6ba81e9	Check return values of <Digest>_Init functions in low level digest calls.	2005-04-14 22:58:44 +00:00
Andy Polyakov	2b85e23d2e	Prototype mnemonics in padlock_verify_context for better portability [read support for Solaris assembler].	2005-04-14 07:47:10 +00:00
Andy Polyakov	026bb0b96a	Fix for bug emerged in openvpn conext.	2005-04-14 07:41:29 +00:00
Andy Polyakov	6424498226	Final touch to mingw shared.	2005-04-13 23:54:28 +00:00
Andy Polyakov	3ed449e94a	More cover-ups, removing OPENSSL_GLOBAL/EXTERNS. We can remove more...	2005-04-13 21:46:30 +00:00
Andy Polyakov	4f1c33b430	Addenum to http://cvs.openssl.org/chngview?cn=13054 .	2005-04-13 21:10:07 +00:00
Andy Polyakov	1334462ab3	Final(?) touches to mingw shared support.	2005-04-13 21:08:39 +00:00
Andy Polyakov	e62991a07c	Zap OPENSSL_EXTERN on symbols, which are not meant to be local to DLL.	2005-04-13 20:51:42 +00:00
Nils Larsch	52272327f3	Makefile.ssl -> Makefile	2005-04-13 19:09:43 +00:00
Andy Polyakov	1bf955920a	Fix typos.	2005-04-13 15:41:11 +00:00
Andy Polyakov	51d28013db	Introduce OPENSSL_NONPIC_relocated to denote relocated DLLs.	2005-04-13 08:46:35 +00:00
Andy Polyakov	8861ba355d	Parameterize do_solaris rules in Makefile.shared.	2005-04-13 07:22:41 +00:00
Andy Polyakov	9e88c82703	Minor cryptlib.c update: compiler warnings in OPENSSL_showfatal and OPENSSL_stderr stub.	2005-04-13 06:55:42 +00:00
Dr. Stephen Henson	9d2f51c086	Update FAQ.	2005-04-12 16:38:00 +00:00
Dr. Stephen Henson	ad0db060b1	More overwritten stuff...	2005-04-12 16:36:36 +00:00
Dr. Stephen Henson	3547478fc8	Replace overwritten lines before error codes.	2005-04-12 16:17:53 +00:00
Dr. Stephen Henson	29dc350813	Rebuild error codes.	2005-04-12 16:15:22 +00:00
Dr. Stephen Henson	bc3cae7e7d	Include error library value in C error source files instead of fixing up at runtime.	2005-04-12 13:31:14 +00:00
Nils Larsch	37942fab51	include limits.h for UINT_MAX etc.	2005-04-11 20:59:58 +00:00
Richard Levitte	36521f0150	Add a NEWS item for 0.9.7g.	2005-04-11 15:05:45 +00:00
Richard Levitte	4bb61becbb	Add emacs cache files to .cvsignore.	2005-04-11 14:17:07 +00:00
Dr. Stephen Henson	b392e52050	Move allow_proxy_certs declaration to start of function.	2005-04-10 23:41:09 +00:00
Dr. Stephen Henson	0858b71b41	Make kerberos ciphersuite code work with newer header files	2005-04-09 23:55:55 +00:00
Richard Levitte	d9bfe4f97c	Added restrictions on the use of proxy certificates, as they may pose a security threat on unexpecting applications. Document and test.	2005-04-09 16:07:12 +00:00
Nils Larsch	dc0ed30cfe	add support for DER encoded private keys to SSL_CTX_use_PrivateKey_file() and SSL_use_PrivateKey_file() PR: 1035 Submitted by: Walter Goulet Reviewed by: Nils Larsch	2005-04-08 22:52:42 +00:00
Nils Larsch	e248596bac	improve docu of SSL_CTX_use_PrivateKey()	2005-04-08 22:49:57 +00:00
Nils Larsch	6049399baf	get rid of very buggy and very imcomplete DH cert support Reviewed by: Bodo Moeller	2005-04-07 23:19:17 +00:00
Nils Larsch	f763e0b5ae	make sure error queue is totally emptied PR: 359	2005-04-07 22:53:35 +00:00
Nils Larsch	eb3eab20a8	const fixes	2005-04-07 22:48:33 +00:00
Andy Polyakov	4848cbf1cf	Recognize MSYS/MINGW environment.	2005-04-07 20:24:29 +00:00
Andy Polyakov	9f2027e56d	Implement OPENSSL_showfatal and make it Win32 GUI and service aware [meaning that it will detect in which context application is running and either write message to stderr, post a dialog or log an event].	2005-04-07 18:39:45 +00:00
Andy Polyakov	e1d51de41f	Harmonize cygwin/mingw and VC targets.	2005-04-07 15:51:55 +00:00
Andy Polyakov	81ee80ab88	+45% RC4 performance boost on Intel EM64T core. Unrolled loop providing further +35% will follow... Submitted by: Zou Nanhai	2005-04-06 09:45:42 +00:00
Nils Larsch	7d727231b7	some const fixes	2005-04-05 19:11:19 +00:00
Nils Larsch	69740c2b3f	update progs.pl to reflect changes in progs.h	2005-04-05 18:17:13 +00:00
Nils Larsch	119d1a1dd4	fix example in docu PR: 800	2005-04-05 11:17:03 +00:00
Nils Larsch	70f34a5841	some const fixes and cleanup	2005-04-05 10:29:43 +00:00
Nils Larsch	c2e40d0f9a	remove unused recp method	2005-04-04 18:15:59 +00:00
Andy Polyakov	0abfd60604	Extend Solaris x86 support to amd64.	2005-04-04 17:10:53 +00:00
Andy Polyakov	e5dbccc182	Solaris x86 linker erroneously pads .init segment with zeros instead of nops, which causes SEGV at startup. So I don't align anymore.	2005-04-04 17:07:16 +00:00
Andy Polyakov	f8fa22d826	Some non-GNU compilers (such as Sun C) define __i386.	2005-04-04 17:05:06 +00:00
Bodo Möller	c393222280	HISTORY section: point out change of default digest	2005-04-03 23:53:48 +00:00
Andy Polyakov	60fd574cdf	Make bn/asm/x86_64-gcc.c gcc4 savvy. +r is likely to be initially introduced for a reason [like bug in initial gcc port], but proposed =&r is treated correctly by senior 3.2, so we can assume it's safe now. PR: 1031	2005-04-03 18:53:29 +00:00
Ben Laurie	73705abc34	If input is bad, we still need to clear the buffer.	2005-04-03 16:38:22 +00:00
Nils Larsch	12bdb64375	use SHA-1 as the default digest for the apps/openssl commands	2005-04-02 09:29:15 +00:00
Dr. Stephen Henson	7bdf8eed69	Typo	2005-04-01 21:56:15 +00:00
Nils Larsch	48c832b6b7	really clear the error queue here PR: 860	2005-04-01 17:50:09 +00:00
Nils Larsch	f3e427f6f9	use SSL3_VERSION_MAJOR instead of SSL3_VERSION etc. PR: 658	2005-04-01 17:35:32 +00:00
Ben Laurie	8bb826ee53	Consistency.	2005-03-31 13:57:54 +00:00
Richard Levitte	5d1430f390	Add a file with fingerprints that have recently been used to sign OpenSSL distributions, or are about to. This has been requested a little now and then by users, for years :-/...	2005-03-31 11:51:47 +00:00
Ben Laurie	45d10efc35	Simplicate and add lightness.	2005-03-31 10:55:55 +00:00
Ben Laurie	db3cb0e97a	Get rid of irritating noise.	2005-03-31 10:34:59 +00:00
Ben Laurie	41a15c4f0f	Give everything prototypes (well, everything that's actually used).	2005-03-31 09:26:39 +00:00
Nils Larsch	fea4280a8b	fix header	2005-03-30 21:38:29 +00:00
Nils Larsch	e852b8533f	Makefile.ssl doesn't exist anymore	2005-03-30 21:37:05 +00:00
Ben Laurie	20a3439ea9	Take account of Makefile.ssl removal.	2005-03-30 14:44:50 +00:00
Ben Laurie	a273a2824c	Make tags target useful.	2005-03-30 14:19:21 +00:00
Ben Laurie	24c97c819d	Don't debug.	2005-03-30 14:15:14 +00:00
Ben Laurie	42ba5d2329	Blow away Makefile.ssl.	2005-03-30 13:05:57 +00:00
Nils Larsch	c3e6402857	update docs (recent constification)	2005-03-30 11:50:14 +00:00
Ben Laurie	0821bcd4de	Constification.	2005-03-30 10:26:02 +00:00
Nils Larsch	4a6a2032ed	the second argument of EVP_SealInit is const	2005-03-29 17:50:08 +00:00
Nils Larsch	c01d2b974e	when building with OPENSSL_NO_DEPRECATED defined BN_zero is a macro which cannot be evaluated in an if statement	2005-03-28 15:06:29 +00:00
Bodo Möller	b0ef321cc8	Harmonize with CHANGES as distributed in OpenSSL 0.9.7f.	2005-03-24 01:37:07 +00:00
Ulf Möller	7a8c728860	undo Cygwin change	2005-03-24 00:14:59 +00:00
Richard Levitte	6141b86a49	Change the memory leak FAQ entry to describe the levels of thread safety in each function	2005-03-23 21:14:59 +00:00
Dr. Stephen Henson	23fadaa084	Update FAQ	2005-03-22 20:10:38 +00:00
Dr. Stephen Henson	e27a259696	Doc fixes.	2005-03-22 17:55:33 +00:00
Nils Larsch	41e455bfc4	test, remove unnecessary const cast	2005-03-22 17:55:18 +00:00
Dr. Stephen Henson	59b6836ab2	Ensure (SSL_RANDOM_BYTES - 4) of pseudo random data is used for server and client random values.	2005-03-22 14:11:06 +00:00
Richard Levitte	9fc9b55237	There are cases when there are no files left to verify. Make sure to handle that properly.	2005-03-21 13:52:12 +00:00
Nils Larsch	689c6f2542	add new curves to the loop (with some cleanup from me) Submitted by: Jean-Luc Duval Reviewed by: Nils Larsch	2005-03-20 23:12:13 +00:00
Nils Larsch	f4bfd357e5	some const fixes	2005-03-20 22:56:07 +00:00
Ulf Möller	130db968b8	Use Windows randomness code on Cygwin	2005-03-19 11:39:17 +00:00
Ulf Möller	8d274837e5	fix breakage for Perl versions that do boolean operations on long words	2005-03-19 11:13:30 +00:00
Ulf Möller	5855038049	typo	2005-03-19 10:19:45 +00:00
Richard Levitte	d18685d959	Added HOWTO about proxy certificates.	2005-03-14 15:39:25 +00:00
Bodo Möller	9f6715d4bb	"make depend". This takes into account the algorithms that are now disabled by default (MDC2 and RC5), which until now were skipped by "make links" and yet supposedly required by some of the Makefiles, meaning that the recent snapshots failed to compile. Problem reported by Nils Larsch.	2005-03-13 19:49:47 +00:00
Bodo Möller	ab185b6038	It seems that Configure revision 1.404 broke "make depend" by hiding from it which algorithms were disabled. With these new changes, "make depend" will properly take into account algorithms that are skipped.	2005-03-13 19:46:58 +00:00
Andy Polyakov	1642000707	Cygwin to use DSO_FLFCN and mingw to use DSO_WIN32.	2005-03-12 11:28:41 +00:00
Andy Polyakov	f7f2125522	Avoid re-build avalanches with HP-UX make.	2005-03-12 09:12:44 +00:00
Bodo Möller	2b61034b0b	fix potential memory leak when allocation fails PR: 801 Submitted by: Nils Larsch	2005-03-11 09:01:24 +00:00
Bodo Möller	80c808b90b	Fix typo PR: 1017 Submitted by: ciresh@yahoo.com Reviewed by: Nils Larsch	2005-03-09 19:08:02 +00:00
Bodo Möller	af1048c25c	Take MDC2 patent into account.	2005-03-02 20:22:58 +00:00
Bodo Möller	ecc5ef8793	In addition to RC5, also exclude MDC2 from compilation unless the algorithm is explicitly requested.	2005-03-02 20:11:31 +00:00
Bodo Möller	c9a112f540	Change ./Configure so that certain algorithms can be disabled by default. This is now the case for RC5. As a side effect, the OPTIONS in the Makefile will usually look a little different now, but they are essentially only for information anyway.	2005-02-22 10:29:51 +00:00
Lutz Jänicke	5286db697f	Fix typo on blowfish manual page PR: 1010 Submitted by: Marc Balmer <mbalmer@openbsd.org>	2005-02-19 10:26:18 +00:00
Lutz Jänicke	f69a8aebab	Fix hang in EGD/PRNGD query when communication socket is closed prematurely by EGD/PRNGD. PR: 1014 Submitted by: Darren Tucker <dtucker@zip.com.au>	2005-02-19 10:19:07 +00:00
Dr. Stephen Henson	9d10b15ef9	Fix possible memory leak.	2005-02-14 21:53:24 +00:00
Andy Polyakov	da30c74a27	Remove unused assembler modules.	2005-02-06 13:43:02 +00:00
Andy Polyakov	67ea999d4a	This patch was "ignited" by OpenBSD 3>=4 support. They've switched to ELF and GNU binutils, but kept BSD make... And I took the opportunity to unify other targets to this common least denominator...	2005-02-06 13:23:34 +00:00
Andy Polyakov	e1892f2370	Reliable BSD-x86-elf detection in ./config.	2005-02-06 13:20:23 +00:00
Andy Polyakov	fe28866d71	Make Makefile.shared BSD make-friendly, remove more redundant -lc, set up OBJECT_MODE for AIX.	2005-02-06 13:18:40 +00:00
Andy Polyakov	de4ab1e629	Make util/shlib_wrap.sh [Open]BSD-friendly.	2005-02-06 13:15:21 +00:00
Andy Polyakov	216ddfaf6b	Mention no-sse2 option in INSTALL note.	2005-02-06 13:10:23 +00:00
Dr. Stephen Henson	8aa36bcac9	In mkdef.pl ignore trailing whitespace in #ifdef lines	2005-02-05 17:22:14 +00:00
Andy Polyakov	485e30dbe1	Drop redundant -lc from a number of rules in Makefile.shared. It's perfectly safe [compiler driver adds it] and in some situation even perfectly appropriate [mixing -pthread and -lc on FreeBSD can have lethal effect on apps/openssl]. I'd say we should get rid of more, but I remove those I can test myself...	2005-02-03 22:40:40 +00:00
Andy Polyakov	877dbcb8a0	Shut whiny make's up.	2005-02-03 10:19:59 +00:00
Andy Polyakov	62d27939c2	Address run-time linker problems: LD_PRELOAD issue on multi-ABI platforms and SafeDllSearchMode in Windows. Submitted by: Richard Levitte	2005-02-01 23:48:37 +00:00
Richard Levitte	8c3c570134	The first argument to load_iv should really be a char instead of an unsigned char , since it points at text. Thanks to Nils Larsch <nils.larsch@cybertrust.com> for pointing out the inelegance of our code :-)	2005-01-27 11:42:28 +00:00
Richard Levitte	97a1630e81	Oops, == should really be = when used with test ([ and ]). I guess I use bash too much... Thanks to Peter Sylvester <Peter.Sylvester@edelweb.fr> for pointing it out to me.	2005-01-27 10:59:36 +00:00
Richard Levitte	bf746f0f46	Check for errors from EVP_VerifyInit_ex(), or EVP_VerifyUpdate might cause a segfault... This was uncovered because EVP_VerifyInit() may fail in FIPS mode if the wrong algorithm is chosen...	2005-01-27 01:49:25 +00:00
Richard Levitte	a229e3038e	Get rid if the annoying warning	2005-01-27 01:47:31 +00:00
Richard Levitte	4aca9297dc	The mix of CFLAGS and LDFLAGS is a bit confusing in my opinion, and Makefile.shared was a bit overcomplicated. Make the shell variables LDFLAGS and SHAREDFLAGS in Makefile.shared get the values of $(CFLAGS) or $(LDFLAGS) as appropriate depending on the value the shell variables LDCMD and SHAREDCMD get. That leaves much less chance of confusion, since those pairs of shell variables always are defined together.	2005-01-26 23:51:20 +00:00
Andy Polyakov	b2c5960935	Respect the fact that most interactive shells don't restore stty settings and make it work in non-interactive mode...	2005-01-26 19:58:15 +00:00
Andy Polyakov	fbdce13e5a	Please BSD make...	2005-01-25 22:09:11 +00:00
Andy Polyakov	e532a6c449	FreeBSD 5 refuses to #include <malloc.h>. Fix compiler warning after http://cvs.openssl.org/chngview?cn=12843.	2005-01-25 22:07:22 +00:00
Andy Polyakov	14bcdb087f	./Configure to respect $thread_cflag variable.	2005-01-24 15:58:25 +00:00
Andy Polyakov	b7efa56a4a	Fold a bunch of linux and *BSD targets into [linux\|BSD]-generic[32\|64]. Idea is to provide unified "fall-down" case for all rare platforms out there. ./config is free to enable some optimizations, such as endianness specification, specific -mcpu flags...	2005-01-24 14:38:14 +00:00
Andy Polyakov	8359421d90	Default to AES u32 being unsinged int and not long. This improves cache locality on 64-bit platforms (and fixes IA64 assembler-empowered build:-). The choice is guarded by newly introduced AES_LONG macro, which needs to be defined only on 16-bit platforms which we don't support (not that I know of). Meaning that one could as well skip long option altogether.	2005-01-24 14:22:05 +00:00
Andy Polyakov	efde5230f1	Improve ECB performance (48+14rounds -> 18+13rounds) and reserve for hand-coded zero-copy AES_cbc_encrypt.	2005-01-24 14:14:53 +00:00
Andy Polyakov	f5ffad9d1d	linux-arm target update. PR: 991	2005-01-21 10:32:57 +00:00
Andy Polyakov	57a68b2129	linux-parisc update. PR: 990 Submitted by: Mike Frysinger <vapier@gentoo.org>	2005-01-20 17:00:14 +00:00
Andy Polyakov	bac252a5e3	Bug-fix in CBC encrypt tail processing and commentary section update.	2005-01-20 10:33:37 +00:00
Richard Levitte	a963395a7b	Apparently, at least with my VMS C environment, defining _XOPEN_SOURCE gets _POSIX_C_SOURC and _ANSI_C_SOURCE defined, which stops u_int from being defined, and that breaks havock into the rest of the standard headers... sigh	2005-01-19 17:03:07 +00:00
Richard Levitte	d8863f0bdb	Small thing. It seems like we have to defined _XOPEN_SOURCE to get isascii() on DEC/Compaq/HP C for VMS.	2005-01-18 16:46:02 +00:00
Andy Polyakov	addb6e16a8	Throw in AES CBC assembler, up to +40% on aes-128-cbc benchmark.	2005-01-18 01:04:41 +00:00
Andy Polyakov	4d27c4c960	Fix a typo in a.out assembler modules.	2005-01-18 00:46:55 +00:00
Andy Polyakov	ed65fab910	Reserve for AES CBC assembler implementation...	2005-01-18 00:43:32 +00:00
Andy Polyakov	90cc40911b	Don't zap AES CBC IV, when decrypting truncated content in place.	2005-01-18 00:26:52 +00:00
Richard Levitte	a7201e9a1b	Changes concering RFC 3820 (proxy certificates) integration: - Enforce that there should be no policy settings when the language is one of id-ppl-independent or id-ppl-inheritAll. - Add functionality to ssltest.c so that it can process proxy rights and check that they are set correctly. Rights consist of ASCII letters, and the condition is a boolean expression that includes letters, parenthesis, &, \| and ^. - Change the proxy certificate configurations so they get proxy rights that are understood by ssltest.c. - Add a script that tests proxy certificates with SSL operations. Other changes: - Change the copyright end year in mkerr.pl. - make update.	2005-01-17 17:06:58 +00:00
Dr. Stephen Henson	fcd5cca418	PKCS7_verify() performance optimization. When the content is large and a memory BIO (for example from SMIME_read_PKCS7 and detached data) avoid lots of slow memory copies from the memory BIO by saving the content in a temporary read only memory BIO.	2005-01-14 17:52:24 +00:00
Andy Polyakov	9222bc6b4e	INSTALL.DJGPP sync. PR: 989	2005-01-14 16:25:36 +00:00
Andy Polyakov	e6d27baf52	Rely on e_os.h to appropriately define str[n]casecmp in non-POSIX environments.	2005-01-13 15:46:09 +00:00
Andy Polyakov	e7e1150706	"Monolithic" x86 assembler replacement for aes_core.c. Up to +15% better performance on recent microarchitectures.	2005-01-13 15:35:44 +00:00
Andy Polyakov	5d727078ac	Fix an "oops" typo! Well, it was a debugging left-over...	2005-01-13 15:25:30 +00:00
Andy Polyakov	108159ffcc	O_NOFOLLOW is not appropriate when opening /dev/* entries on Solaris. PR: 998	2005-01-13 15:20:42 +00:00
Richard Levitte	c4d423511a	Small typo, `mask' got the same value ORed to it twice instead of `mask' and `emask' getting that operation done once each. Patch supplied by Nils Larsch <nils.larsch@cybertrust.com>	2005-01-12 16:40:48 +00:00
Richard Levitte	b15a93a9c5	Correct a faulty address assignment, and add a length check (not really needed now, but may be needed in the future, who knows?).	2005-01-12 09:53:20 +00:00
Andy Polyakov	d9248e5780	FAQ update to mention no-sha0 as possible workaround for Tru64 compiler bug. Well, no-options seem to be busted in HEAD currently, which should/will be fixed one way or another (see PR#989 for a possible alternative).	2005-01-09 20:42:33 +00:00
Andy Polyakov	0b52f89b81	DJGPP documentation note update.	2005-01-09 20:14:04 +00:00
Andy Polyakov	7de4b5b060	Permit "monolithic" AES assembler implementations, i.e. such which would replace whole aes_core.c, not only AES_[de\|en]crypt routines.	2005-01-09 16:01:58 +00:00
Andy Polyakov	02a00bb054	DJGPP update. PR: 989 Submitted by: Doug Kaufman	2005-01-04 10:28:38 +00:00
Andy Polyakov	3b4de6e4cc	Borrow #include <string[s].h> from e_os.h.	2004-12-31 00:00:05 +00:00
Andy Polyakov	bdbc9b4d1a	Make whiny compilers stop complaining about missing prototype.	2004-12-30 23:40:31 +00:00
Andy Polyakov	09ef94d2c9	Fix Win32 test-suit.	2004-12-30 22:55:28 +00:00
Andy Polyakov	3ffb8d42bc	Remove naming conflict between variable and label.	2004-12-30 11:10:11 +00:00
Andy Polyakov	25866e3982	Commentary update for AES IA-64 assembler module.	2004-12-30 10:55:02 +00:00
Andy Polyakov	3b3df98ca6	Minor AES x86 assembler tune-up.	2004-12-30 10:46:03 +00:00
Andy Polyakov	2e4a99f38b	AES-CFB[18] 2x optimization. Well, I bet nobody cares about AES-CFB1 performance, but anyway...	2004-12-30 10:43:33 +00:00
Dr. Stephen Henson	e90faddaf8	Prompt for passphrases for PKCS12 input format	2004-12-29 01:07:14 +00:00
Andy Polyakov	f1ce306f30	Oops-kind typos in aes-ia64.S...	2004-12-28 17:10:42 +00:00
Richard Levitte	37b11ca78e	iv needs to be const because it sometimes takes it's value from a const.	2004-12-28 10:35:13 +00:00
Richard Levitte	a17af9e277	Forgot to synchronise the VMS build scripts.	2004-12-28 10:22:00 +00:00
Richard Levitte	6951c23afd	Add functionality needed to process proxy certificates.	2004-12-28 00:21:35 +00:00
Andy Polyakov	de421076a5	Minor cygwin update. PR: 949	2004-12-27 21:27:46 +00:00
Andy Polyakov	bd16cd6bcc	As new major IRIX release is highly unlikely to appear [and break following], I change from -notall to -none synonym in irix rules to improve backward compatibility with IRIX 5.x. PR: 987	2004-12-27 14:59:36 +00:00
Andy Polyakov	0c51600203	Remove CPU detect for IRIX targets. Performance gain is less than 1%, it makes more sense to strive for broader binary compatibility...	2004-12-27 14:57:54 +00:00
Andy Polyakov	9850f7f6b2	Remove yet another redundant memcpy. Not at least performance critical, essentially cosmetic modification...	2004-12-26 13:05:40 +00:00
Andy Polyakov	131e064e4a	Eliminate redundant memcpy of IV material. Performance improvement varies from platform to platform and can be as large as 20%.	2004-12-26 12:31:37 +00:00
Andy Polyakov	556b8f3f77	Engage AES x86 assembler module for COFF and a.out targets.	2004-12-26 10:58:39 +00:00
Andy Polyakov	045d3285e2	Engage AES x86 assembler module on ELF platforms.	2004-12-23 21:44:28 +00:00
Andy Polyakov	d1df5b4339	x86 perlasm update to accomodate aes-586.pl.	2004-12-23 21:43:25 +00:00
Andy Polyakov	25558bf743	Eliminate copies of TeN and TdN, use those found in assembler module.	2004-12-23 21:40:23 +00:00
Andy Polyakov	713147109c	AES x86 assembler implementation.	2004-12-23 21:32:34 +00:00
Andy Polyakov	76ef6ac956	Refine PowerPC platform support.	2004-12-20 13:44:34 +00:00
Dr. Stephen Henson	a842df6659	Remove unused buffer 'buf'.	2004-12-20 00:49:36 +00:00
Dr. Stephen Henson	c05a7f5dfd	Don't use multiple storage types.	2004-12-19 01:21:18 +00:00
Geoff Thorpe	627bd6709c	Fix typos in the ecparam doc. Submitted by: Nils Larsch	2004-12-17 05:42:00 +00:00
Richard Levitte	fbf218b8c3	make update (oops, missed this file)	2004-12-13 22:57:39 +00:00
Richard Levitte	3c97bd833b	Change libeay.num so it's synchronised with additions in 0.9.7-stable. make update	2004-12-13 22:57:08 +00:00
Dr. Stephen Henson	abbc186bd2	Fix s_client so it works without a certificate again.	2004-12-13 18:02:23 +00:00
Richard Levitte	de6859e442	Propagate a few more variables to Makefile.shared when linking programs.	2004-12-13 17:28:44 +00:00
Dr. Stephen Henson	5e8904f289	Remove duplicate lines.	2004-12-12 13:15:49 +00:00
Andy Polyakov	0c0788ba0a	Solaris x86 perlasm update.	2004-12-10 11:24:42 +00:00
Andy Polyakov	905fd45b36	Engage SHA1 IA64 assembler on IA64 platforms.	2004-12-09 15:39:55 +00:00
Dr. Stephen Henson	c162b132eb	Automatically mark the CRL cached encoding as invalid when some operations are performed.	2004-12-09 13:35:06 +00:00
Andy Polyakov	b4e0ce5165	SHA1 assembler for IA-64.	2004-12-09 11:57:38 +00:00
Andy Polyakov	17f0e916db	Extend RC4 test.	2004-12-07 11:55:56 +00:00
Dr. Stephen Henson	3dfa23cbc4	Update 'certs' directory. Move expired certificates to expired directory and zero assurance demontrations CAs to 'demo'.	2004-12-05 19:48:02 +00:00
Dr. Stephen Henson	a37e22d866	Use X509_cmp_time() in -checkend option, to support GeneralizedTime.	2004-12-05 18:26:19 +00:00
Dr. Stephen Henson	41c70d47d7	Remaing bits of PR:620 relevant to 0.9.8.	2004-12-05 01:50:56 +00:00
Dr. Stephen Henson	a0e7c8eede	Add lots of checks for memory allocation failure, error codes to indicate failure and freeing up memory if a failure occurs. PR:620	2004-12-05 01:03:15 +00:00
Dr. Stephen Henson	a8e00b17ce	Update year.	2004-12-05 00:51:41 +00:00
Dr. Stephen Henson	3e66ee9f01	In by_file.c check last error for no start line, not first error.	2004-12-04 21:25:51 +00:00
Dr. Stephen Henson	5b40d7dd97	Add -passin argument to dgst command.	2004-12-03 12:26:56 +00:00
Dr. Stephen Henson	8f284faaec	V1 certificates that aren't self signed can't be accepted as CAs.	2004-12-03 00:10:34 +00:00
Andy Polyakov	f774accdbf	Fix rc4-ia64.S to pass more exhaustive regression tests.	2004-12-02 10:07:55 +00:00
Dr. Stephen Henson	8544a80776	Add couple of OIDs. Resync NIDs for consistency with 0.9.7.	2004-12-01 18:09:53 +00:00
Andy Polyakov	7c69478064	I've introduced a bug to i386 RC4 assembler, which would emerge with certain mix of calls to RC4 routine not covered by rc4test.c. It's fixed now. In addition this patch inadvertently fixes minor performance problem: in 0.9.7 context P4 was performing 12% slower than the original implementation...	2004-12-01 15:28:18 +00:00
Dr. Stephen Henson	1862dae862	Perform partial comparison of different character types in X509_NAME_cmp().	2004-12-01 01:45:30 +00:00
Andy Polyakov	b7b46c9a87	Add 0.9.7 specific comments to RC4 assembler modules.	2004-11-30 15:46:46 +00:00
Mark J. Cox	e6e1f4cb5e	Mention that the keys likely to have signed the distribution are now listed on the web site for easy finding and downloading	2004-11-30 14:34:16 +00:00
Richard Levitte	5073ff0346	Split X509_check_ca() into a small self and an internal function check_ca(), to resolve constness issue. check_ca() is called from the purpose checkers instead of X509_check_ca(), since the stuff done by the latter (except for calling check_ca()) is also done by X509_check_purpose().	2004-11-30 12:18:55 +00:00
Andy Polyakov	fc7fc5678f	sha1_block_asm_data_order can't hash if message crosses 2GB boundary.	2004-11-29 21:19:56 +00:00
Andy Polyakov	7a3240e319	Final touches to rc4/asm/rc4-596.pl, +52% better performance on AMD core.	2004-11-29 21:12:58 +00:00
Richard Levitte	5022e4ecdf	Document the change.	2004-11-29 11:57:00 +00:00
Richard Levitte	30b415b076	Make an explicit check during certificate validation to see that the CA setting in each certificate on the chain is correct. As a side- effect always do the following basic checks on extensions, not just when there's an associated purpose to the check: - if there is an unhandled critical extension (unless the user has chosen to ignore this fault) - if the path length has been exceeded (if one is set at all) - that certain extensions fit the associated purpose (if one has been given)	2004-11-29 11:28:08 +00:00
Andy Polyakov	914c2a28c0	perlasm/x86[ms\|nasm] update to accomodate updated RC4 assembler module.	2004-11-27 15:14:58 +00:00
Andy Polyakov	ea681ba872	Summarize recent RC4 tune-ups.	2004-11-26 15:26:09 +00:00
Andy Polyakov	bc3e7fabe7	Engage RC4 IA-64 assembler module.	2004-11-26 15:12:17 +00:00
Andy Polyakov	d675c74d14	RC4 IA-64 assembler implementation.	2004-11-26 15:07:50 +00:00
Dr. Stephen Henson	59c7029862	Typo.	2004-11-26 01:04:55 +00:00
Dr. Stephen Henson	1582a4073e	Add errstr manual page	2004-11-25 18:21:26 +00:00
Dr. Stephen Henson	401ee37a3e	Allow alternative manual sections to be embedded in .pod file comments.	2004-11-25 17:47:31 +00:00
Dr. Stephen Henson	cb26a20cb1	Update docs	2004-11-25 14:14:25 +00:00
Dr. Stephen Henson	82c4674e47	Update docs.	2004-11-25 14:11:25 +00:00
Dr. Stephen Henson	9d2996b82f	Check return code of EVP_CipherInit() in PKCS#12 code.	2004-11-24 01:21:03 +00:00
Dr. Stephen Henson	3fee255102	Typo.	2004-11-23 21:40:10 +00:00
Dr. Stephen Henson	16df5f066a	Fix memory leak.	2004-11-23 21:22:21 +00:00
Andy Polyakov	959f9b1158	linux-x86_64 didn't link after EM64T RC4 tune-up...	2004-11-23 09:06:12 +00:00
Andy Polyakov	376729e130	RC4 tune-up for Intel P4 core, both 32- and 64-bit ones. As it's apparently impossible to compose blended code with would perform satisfactory on all x86 and x86_64 cores, an extra RC4_CHAR code-path is introduced and P4 core is detected at run-time. This way we keep original performance on non-P4 implementations and turbo-charge P4 performance by factor of 2.8x (on 32-bit core).	2004-11-21 10:36:25 +00:00
Dr. Stephen Henson	00dd8f6d6e	In "req" exit immediately if configuration file is needed and it can't be loaded instead of giving the misleading: "unable to find 'distinguised_name' in config" error message.	2004-11-17 18:36:13 +00:00
Dr. Stephen Henson	5dd87981bf	Update X509v3 doc.	2004-11-17 00:55:43 +00:00
Dr. Stephen Henson	37dccd8ff2	Update X509v3 docs.	2004-11-16 17:45:13 +00:00
Dr. Stephen Henson	826a42a088	PR: 910 Add command line options -certform, -keyform and -pass to s_client and s_server. This supports the use of alternative passphrase sources, key formats and keys handled by an ENGINE. Update docs.	2004-11-16 17:30:59 +00:00
Dr. Stephen Henson	19f39703f7	Initial pod documentation of X509V3 config file format.	2004-11-16 14:09:12 +00:00
Dr. Stephen Henson	151368ccba	PR: 940 Typo: use prompt_info, not cb_data->prompt_info.	2004-11-14 15:40:00 +00:00
Dr. Stephen Henson	4451c2558e	PR: 923 Typo.	2004-11-14 15:11:37 +00:00
Dr. Stephen Henson	4a64f3d665	PR: 938 Typo.	2004-11-14 13:55:16 +00:00
Dr. Stephen Henson	5fee606442	Zap obsolete der_chop script.	2004-11-14 00:08:36 +00:00
Dr. Stephen Henson	521aaafc6a	PR: 969 Submitted by: David Holmes <davidh@3blackdogs.com>	2004-11-13 13:38:34 +00:00
Dr. Stephen Henson	78df5a2f1e	Fix x509.c so it creates serial number file again if no serial number is supplied on command line.	2004-11-13 13:26:06 +00:00
Richard Levitte	6c9f57d629	Cut'n'paste mistake. All tested OK now...	2004-11-11 19:36:08 +00:00
Richard Levitte	382342ce1d	Whoops, syntactic mistake...	2004-11-11 18:58:01 +00:00
Richard Levitte	69c922f5d2	Some find it confusing that environment variables are set when shared libraries aren't built or used. I can see the point, so I'm reorganising a little for clarity.	2004-11-11 18:18:43 +00:00
Dr. Stephen Henson	10c8505734	Use the default_md config file value when signing CRLs. PR:662	2004-11-11 13:47:06 +00:00
Dr. Stephen Henson	10f92aac33	Don't return an error with crl -noout. PR:917 Sumbmitted by: Michael Konietzka <konietzka@schlund.de>	2004-11-11 02:13:08 +00:00
Andy Polyakov	68d9e764cb	As was shown by Marc Bevand reordering of couple of load operations results in even higher performance gain of 3.3x:-) At least on Opteron...	2004-11-09 17:23:26 +00:00
Richard Levitte	8de69cf2c6	Make sure LD_PRELOAD is only set when we build shared libraries (and therefore link with them). Add LD_PRELOAD setting code where it was still missing. PR: 966	2004-11-05 09:12:10 +00:00
Richard Levitte	a2ac429da2	Don't use $(EXHEADER) directly in for loops, as most shells will break if $(EXHEADER) is empty. Notified by many, solution suggested by Carson Gaspar <carson@taltos.org>	2004-11-02 23:55:01 +00:00
Richard Levitte	ffd0f93f14	Because -rpath/-R may have been used, our settings of LD_LIBRARY_PATH and friends may be entirely useless. In such a case, LD_PRELOAD is the answer, at least on platforms using LD_LIBRARY_PATH. There might be other variables to set on other platforms, please fill us in... For now, we only do this with the tests, so they won't fail for silly reasons like getting dynamically linked to older installed libraries rather than the newly built ones... PR: 960	2004-11-02 01:13:04 +00:00
Richard Levitte	1a4b8e7cee	Make sure memmove() is defined, even on SunOS 4.1.4. PR: 963	2004-11-01 07:58:38 +00:00
Dr. Stephen Henson	03386677ed	Update NEWS	2004-10-25 17:11:19 +00:00
Dr. Stephen Henson	559f90ff60	Update FAQ.	2004-10-25 12:36:33 +00:00
Dr. Stephen Henson	c284f20f00	Fix race condition when SSL ciphers are initialized.	2004-10-25 11:14:16 +00:00
Geoff Thorpe	58ae65cd1a	Update ECDSA and ECDH for OPENSSL_NO_ENGINE. Reported by: Maxim Masiutin Submitted by: Nils Larsch	2004-10-21 00:06:14 +00:00
Richard Levitte	5b0f1f7d13	Because libraries on Windows lack useful version information, the zlib guys had to change the name to differentiate with older versions when a backward incompatibility came up. Of course, we need to adapt. This change simply tries to load the library through the newer name (ZLIB1) first, and if that fails, it tries the good old ZLIB.	2004-10-14 05:48:59 +00:00
Dr. Stephen Henson	785e827323	Oops!	2004-10-04 17:28:31 +00:00
Dr. Stephen Henson	2f605e8d24	Fix race condition when CRL checking is enabled.	2004-10-04 16:30:12 +00:00
Dr. Stephen Henson	5e2216bfa1	Update debug-steve	2004-10-01 11:35:38 +00:00
Dr. Stephen Henson	175ac6811a	Don't use C++ reserved work "explicit".	2004-10-01 11:21:53 +00:00
Andy Polyakov	07d488daf6	Fix Solaris 10_x86 shared build. -Bsymbolic is required to avoid "remaining relocations" in assembler modules. The latter seems to be new behaviour, elder as/ld managed to resolve this relocations as internal. It's possible to address this problem differently, but I settle for -Bsymbolic... PR: 546	2004-09-28 20:45:10 +00:00
Richard Levitte	d1360f6ecc	usr/doc has recently changed to usr/share/doc on Cygwin. Notified by Corinna Vinschen <vinschen@redhat.com>	2004-09-28 13:10:16 +00:00
Richard Levitte	c38ff58b6b	Move the declaration of alloca() so it's ony declared when really necessary.	2004-09-27 21:59:44 +00:00
Andy Polyakov	c29ef588dc	SHA1 asm Pentium tune-up. Performance loss is not as bad anymore.	2004-09-27 09:37:03 +00:00
Andy Polyakov	968c31bd84	sha256_block advances the input pointer double as fast sometimes. Fix the bug and test that it's actually gone. PR: 950	2004-09-27 09:35:59 +00:00
Geoff Thorpe	c743966156	Nils Larsch reported that this include is required. Strange that this had gone unnoticed ...	2004-09-24 23:37:52 +00:00
Richard Levitte	bb09fd2bb6	Import changed files from LPlib. The changes are logged as follows for LPdir_unix.c in LPlib. For the other files, only the last log entry applies. ---------------------------- revision 1.11 date: 2004/09/23 22:07:22; author: _cvs_levitte; state: Exp; lines: +20 -6 Define my own macro LP_ENTRY_SIZE to express the size of my own buffering of directory entries, and make it depend on whichever comes first of PATH_MAX and NAME_MAX. As a fallback, make sure it's set to 255 if neither PATH_MAX or NAME_MAX were defined. Also, if the size given from PATH_MAX or NAME_MAX is less than 255, force LP_ENTRY_SIZE to be 255. It makes no harm whatsoever if LP_ENTRY_SIZE is larger than the maximum local path name limit. It does make a lot of harm if LP_ENTRY_SIZE is smaller. 255 seemed like a fairly acceptable default when nothing else is available. ---------------------------- revision 1.10 date: 2004/08/26 13:36:05; author: _cvs_levitte; state: Exp; lines: +13 -13 License correction. I am not REGENTS, just a COPYRIGHT HOLDER. ----------------------------	2004-09-23 22:11:39 +00:00
Geoff Thorpe	280eb33b59	Remove distracting comments and code. Thanks to Nils for picking up on the outstanding ticket. PR: 926	2004-09-19 04:55:15 +00:00
Geoff Thorpe	f79110c633	Two TODO comments taken care of. Nils pointed out that one of them had already been done, and took care of the other one (which hadn't). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-09-19 04:43:46 +00:00
Geoff Thorpe	6ef2ff62fc	Make -Werror happy again.	2004-09-18 01:32:32 +00:00
Dr. Stephen Henson	980aea7860	Check ASN1_TYPE structure type is a SEQUENCE in PKCS7_get_smimecap().	2004-09-15 23:47:25 +00:00
Dr. Stephen Henson	bd9327baa9	Change values of MBSTRING_* to the form MBSTRING_FLAG\|nbyte as assumed in ASN1_STRING_to_UTF8().	2004-09-13 22:33:56 +00:00
Richard Levitte	6f9bafafa3	- There's no more need for the snprintf macro. - Move the inclusion of malloc.h until after all other includes, so we can do proper tests of system macros. - Make sure the correct header file is included to get the builtin "alloca" under VMS, and define a macro to map the symbol 'alloca' to it.	2004-09-13 09:15:06 +00:00
Richard Levitte	422a4a33a5	Synchronise with Unix build.	2004-09-12 13:02:04 +00:00
Dr. Stephen Henson	58606421ae	When looking for request extensions in a certificate look first for the PKCS#9 OID then the non standard MS OID.	2004-09-10 20:20:54 +00:00
Richard Levitte	d813ff2ac1	make update	2004-09-10 10:30:33 +00:00
Andy Polyakov	36734b2bab	Make VIA Padlock engine more platform friendly and eliminate compiler warning. Submitted by: Doug Kaufman <dkaufman@rahul.net>	2004-09-09 14:54:12 +00:00
Andy Polyakov	c85c5c408a	x86 assembler updates: more instructions, new OPENSSL_instrument_halt [for DJGPP]...	2004-09-09 14:50:32 +00:00
Richard Levitte	2c1677d703	Synchronise VMS build files with Unixly Makefiles.	2004-09-08 08:13:34 +00:00
Richard Levitte	72348cbb8d	Another symbol longer than 31 characters...	2004-09-08 08:13:03 +00:00
Dr. Stephen Henson	c431798e82	Reformat smime utility. Add support for policy checking in verify utility.	2004-09-07 18:38:46 +00:00
Dr. Stephen Henson	fb80794568	Don't use 'explicit' for variable name.	2004-09-07 00:31:08 +00:00
Dr. Stephen Henson	4ec3d785e5	Reformat smime.c	2004-09-07 00:28:17 +00:00
Dr. Stephen Henson	5d7c222db8	New X509_VERIFY_PARAM structure and associated functionality. This tidies up verify parameters and adds support for integrated policy checking. Add support for policy related command line options. Currently only in smime application. WARNING: experimental code subject to change.	2004-09-06 18:43:01 +00:00
Dr. Stephen Henson	d993addbed	Stop compiler warnings.	2004-09-06 18:37:46 +00:00
Andy Polyakov	476b6ab541	TABLE OpenBSD-i386 update	2004-08-29 22:05:02 +00:00
Andy Polyakov	16760a3089	Proper support for OpenBSD-i386 shared build, including assember modules! "Proper" means "compiles and passes test." Versioning is broken (I think).	2004-08-29 21:36:37 +00:00
Andy Polyakov	2b247cf81f	OPENSSL_ia32cap final touches. Note that OPENSSL_ia32cap is no longer a symbol, but a macro expanded as (*(OPENSSL_ia32cap_loc())). The latter is the only one to be exported to application.	2004-08-29 16:36:05 +00:00
Andy Polyakov	746fc2526f	Fix compiler warnings in crypto/evp/bio_ok.c as pointed out by Geoff.	2004-08-29 16:19:27 +00:00
Andy Polyakov	a8c65b400c	crypto/perlasm update primarily to unify Netware modules. Once it's verified x86*_nw.pl will be deleted. In addition this update implements initseg on several additional [in addition to ELF] platforms. Functions registered with initseg are supposed to be called prior main().	2004-08-29 16:10:27 +00:00
Andy Polyakov	526975906b	Minor VIA Padlock engine update: eliminate -Wunused warning when not compiling the engine and inline memcpy in performance critical pathes.	2004-08-24 09:01:09 +00:00
Andy Polyakov	14fa6ad9f9	Make aes_ctr.c 64-bit savvy.	2004-08-23 22:19:51 +00:00
Richard Levitte	e544b0dc2a	'compatibility', not 'computability' :-)...	2004-08-18 15:48:33 +00:00
Richard Levitte	2549564009	On systems that use case-insensitive symbol names (i.e. they're all converted to upper case or something like that), the application- level bio_dump_cb() has a name clash with the new library function BIO_dump_cb(). The easiest fix is to rename the function at the application level.	2004-08-12 08:58:55 +00:00
Richard Levitte	bb1a915c24	Basically, I wanted to be able to make a dump to a FILE, and not have to bother creating a BIO around it. So here's a few more functions to make it possible to make the dump using a printing callback, and to print to a FILE (based on the callback variant), done in the same style as the functions in crypto/err/err_prn.c.	2004-08-11 21:13:57 +00:00
Richard Levitte	b94f886b22	Stupid casts...	2004-08-11 17:41:15 +00:00
Dr. Stephen Henson	6ef7b78e7c	Update FAQ.	2004-08-11 17:22:13 +00:00
Dr. Stephen Henson	e08aad1d14	Make ASN1_INTEGER_cmp() work as expected with negative integers.	2004-08-10 17:40:14 +00:00
Dr. Stephen Henson	b5a93e2250	Call setup_engine after autoconfig.	2004-08-06 12:44:34 +00:00
Dr. Stephen Henson	c128bb0fa2	Don't ignore return value of EVP_DigestInit_ex() in md BIOs and dgst utility.	2004-08-05 18:09:50 +00:00
Geoff Thorpe	30fe028f07	Make a note of the new engine.	2004-08-04 22:42:29 +00:00
Andy Polyakov	b88606c28e	Padlock engine update to fix a typo in MSC assembler and to address potential corruption problem if user manages to inter-leave aligined and misaligned requests [as well as some MSC-specific tweaks].	2004-08-04 12:58:26 +00:00
Richard Levitte	2ea6abf6e5	DJGPP has opendir() and friends, according to Gisle Vanem <giva@bgnett.no>.	2004-08-03 19:15:21 +00:00
Andy Polyakov	f8c469de73	If they ask for 386, keep it as 386 as possible...	2004-08-02 22:41:19 +00:00
Andy Polyakov	42096e05f7	Avoid a.out name table pollition.	2004-08-02 22:02:17 +00:00
Andy Polyakov	7d15a556f8	Minor clean-up to make Microsoft compiler shut up.	2004-08-02 21:54:40 +00:00
Andy Polyakov	5b17246324	VIA C3 processor extends IA-32 instruction set with instuctions performing AES encryption in hardware, as well as one accessing hardware RNG. As you surely imagine this engine access this extended instruction set. Well, only AES for the moment, support for RNG is to be added later on... PR: 889 Submitted by: Michal Ludvig <michal@logix.cz> Obtained from: http://www.logix.cz/michal/devel/padlock/	2004-08-02 21:48:11 +00:00
Andy Polyakov	c77094415f	Cygwin fix-up for shared build.	2004-08-01 21:24:34 +00:00
Andy Polyakov	34413fca84	OpenBSD fix-up for new a.out targets. OpenBSD .s.o rule is busted...	2004-08-01 21:16:26 +00:00
Andy Polyakov	ec38ddc765	Clean-up GAS targets: get rid of "cpp" stuff and replace it with "purified" COFF and a.out targets [similar to ELF targets]. You might notice some rudementary support for shared mingw builds under cygwin. It works (it produces cryptoeay32.dll and ssleay32.dll with everything exported by name), but it's primarily for testing/debugging purposes, at least for now...	2004-08-01 17:33:58 +00:00
Andy Polyakov	8aae01e223	Deprecate cpp and gaswin targets. New coff fills in for gaswin, but cpp is going out...	2004-08-01 17:03:50 +00:00
Andy Polyakov	00555c2f2f	DLLEntryPoint is a collective name, not what linker looks for. However, if we explicitly intruct the linker to set entry point, then we become obliged to initialize run-time library. Instead we can pick name run-time will call and such name is DllMain. Note that this applies to both "native" Win32 environment and Cygwin:-)	2004-08-01 14:27:43 +00:00
Richard Levitte	07d80f6f35	We build the crypto stuff, not the ssl stuff, in this command procedure...	2004-07-29 22:25:59 +00:00
Richard Levitte	4591850561	The compiler may complain about what looks like a double definition of a static variable	2004-07-27 13:58:27 +00:00
Dr. Stephen Henson	a25aca2943	Oops, wrong version...	2004-07-27 00:19:58 +00:00
Dr. Stephen Henson	48c524827b	Add FIPS library name to error routines.	2004-07-27 00:19:18 +00:00
Andy Polyakov	ebaec63e3e	This is so to say "damage control" for jumbo "cpuid" patch, see http://cvs.openssl.org/chngview?cn=12493. Now all platform should be operational, while SSE2 code pathes get engaged on ELF platforms only.	2004-07-26 22:01:50 +00:00
Andy Polyakov	14e21f863a	Add framework for yet another assembler module dubbed "cpuid." Idea is to have a placeholder to small routines, which can be written only in assembler. In IA-32 case this includes processor capability identification and access to Time-Stamp Counter. As discussed earlier OPENSSL_ia32cap is introduced to control recently added SSE2 code pathes (see docs/crypto/OPENSSL_ia32cap.pod). For the moment the code is operational on ELF platforms only. I haven't checked it yet, but I have all reasons to believe that Windows build should fail to link too. I'll be looking into it shortly...	2004-07-26 20:18:55 +00:00
Andy Polyakov	f10725a6e1	Zero key-length for HMAC is apparently OK.	2004-07-25 20:24:49 +00:00
Andy Polyakov	0f71b77d5c	Make bio_ok.c Microsoft compiler savvy.	2004-07-25 20:13:30 +00:00
Andy Polyakov	d6bb6a88be	Typos, typos...	2004-07-25 20:09:56 +00:00
Andy Polyakov	3205db2bfe	Make bio_ok.c 64-bit savvy.	2004-07-25 19:37:41 +00:00
Andy Polyakov	6f86850eec	Stricter boundary condition check in HMAC_Init_ex.	2004-07-25 19:25:05 +00:00
Andy Polyakov	16ab8a93bc	Minor 64-bit md32_common.h update and minor unsignification of digests.	2004-07-25 19:10:43 +00:00
Andy Polyakov	c88f8f76b5	'apps/openssl dgst -help' update and minor apps/speed.c update.	2004-07-25 18:57:35 +00:00
Andy Polyakov	fbf96849e9	Make SHA-256/-512 optional. Note that no-sha switches off all SHA.	2004-07-25 18:25:24 +00:00
Andy Polyakov	d70e2507f8	Some compilers are just too whiny. Nothing makes Microsoft compiler stop complaining about loss of precision, but explicit cast.	2004-07-25 17:00:56 +00:00
Andy Polyakov	2fcf435d73	Some compilers are just too whiny. DEC C doesn't like long long...	2004-07-25 16:54:08 +00:00
Andy Polyakov	da2ee71de5	Typos and due casts. As for the latter. It's "safe" to cast as below, because "wrong" casts will either be optimized away or never performed.	2004-07-25 16:48:28 +00:00
Andy Polyakov	8611934352	Minor HP-UX make update. IA-64-based HP-UX favor .so extension for shared libraries. Old .sl extension works just fine, but it .so which is default.	2004-07-24 14:17:32 +00:00
Andy Polyakov	01e94efd46	TABLE update.	2004-07-23 23:29:25 +00:00
Andy Polyakov	33c3ecf741	Build-n-link new IA-64 modules on Linux and HP-UX.	2004-07-23 23:27:10 +00:00
Andy Polyakov	5bd4c26057	Various IA-64 assembler fix-ups.	2004-07-23 22:54:18 +00:00
Andy Polyakov	4aa5889e1a	VC-NT was taken away by mistake, putting it back...	2004-07-23 20:46:41 +00:00
Andy Polyakov	bafcc7e060	Win64 placeholder targets. This is merely naming suggestion. As we know Win64 comes in two flavors, IA-64/Itanium and AMD64/Opteron. The suggestion is to refer to former as WIN64I and latter - WIN64A	2004-07-23 19:18:20 +00:00
Andy Polyakov	afe67fb28e	Adapt rc4-amd64.pl for Win64/AMD64 assembler.	2004-07-23 17:51:17 +00:00
Richard Levitte	f744f92adb	From LPlib: Apparently, the length including the NUL byte should be used. Contributed by Andy Polyakov <appro@fy.chalmers.se>	2004-07-22 18:34:06 +00:00
Richard Levitte	75f134c077	From LPlib: Make a nicer comment, as we don't really know for sure that it's really needed, and just want to play on the safe side. Suggest by Andy Polyakov <appro@fy.chalmers.se>	2004-07-22 13:00:14 +00:00
Andy Polyakov	d8d25c9603	WinCE should always be compiled as UNICODE, even debugging version...	2004-07-22 11:08:31 +00:00
Andy Polyakov	f1bdf1d518	#include <limits.h> is required at least on HP-UX and IRIX. And what's with HP-UX offering 14 for NAME_MAX?	2004-07-22 10:53:26 +00:00
Andy Polyakov	d58caee734	EVP_Digest is size_t-fied, clean up test programs accordingly.	2004-07-22 10:25:52 +00:00
Andy Polyakov	e39c2548f5	Run SHA-256/-512 tests through EVP...	2004-07-22 10:21:13 +00:00
Andy Polyakov	8169dd73f9	All SIXTY_FOUR_BIT platforms (mind the difference between SIXTY_FOUR_BIT and SIXTY_FOUR_BIT_LONG) were failing to pass 'cd test; make test_bn'.	2004-07-22 09:32:11 +00:00
Richard Levitte	765e231a7c	From LPlib: Some code beautification. Change the macro CP_THREAD_ACP to CP_ACP, because the latter is more widely defined. Add a conditional macro definition in case FindFirstFile and FindNextFile aren't properly defined (might happen on WinCE). Suggested by Andy Polyakov <appro@fy.chalmers.se>	2004-07-21 21:16:21 +00:00
Andy Polyakov	89c53672c2	Make rand_win.c UNICODE savvy.	2004-07-21 17:17:30 +00:00
Richard Levitte	64ba6cf222	From LPlib: Windows changes that detects if multibyte characters are available and deals with them properly. Contributed by Andy Polyakov <appro@fy.chalmers.se>	2004-07-20 21:24:43 +00:00
Richard Levitte	210a4f78ae	Imported from LPlib, making sure the entry name (at least on Unix) is NUL-teminated at all times, and that we don't make unneeded calls to free().	2004-07-19 16:36:28 +00:00
Richard Levitte	334ef04949	Since version 7.0, The C RTL in VMS handles time in terms of UTC instead of local time.	2004-07-19 07:50:43 +00:00
Andy Polyakov	859ceeeb51	Anchor AES and SHA-256/-512 assembler from C.	2004-07-18 17:26:01 +00:00
Andy Polyakov	22edcae7fa	Type in Configure and TABLE update.	2004-07-18 16:22:53 +00:00
Andy Polyakov	d0590fe6b2	Add anchors for AES, SHA-256/-512 assembler modules and SSE2 code pathes. I also used this opportunity to clean up some out-of-date targets and re-group targets by OS.	2004-07-18 16:19:34 +00:00
Andy Polyakov	2232b10f5a	Add licensing terms.	2004-07-17 13:24:58 +00:00
Andy Polyakov	e34794dd1b	IA-64 is intolerant to misaligned access. It was a problem on Win64 as we were mislead by _MSC_VER macro, which is defined by all Windows Microsoft compilers.	2004-07-17 12:55:55 +00:00
Geoff Thorpe	0210065bbd	Quick fix. Submitted by: Nils Larsch	2004-07-16 03:24:51 +00:00
Geoff Thorpe	7f5b4dd1e8	Using Horner's algorithm to evaluate the ec polynomial (suggested by Adam Young <ayoung@cigital.com>) Submitted by: Nils Larsch	2004-07-16 03:24:19 +00:00
Richard Levitte	5906e8d5fe	I think it could be a good thing to know what went wrong with the tests...	2004-07-12 12:25:54 +00:00
Richard Levitte	5545607c4f	make update (incidently, this also tells VMS that there exists a new symbol in the SSL library)	2004-07-12 11:25:48 +00:00
Richard Levitte	6ac1571296	Because it's one of our libraries calling new functions in the other, we need to have them among the symbols that should appear in the transfer table, at least on VMS (and it wouldn't surprise me if Windows would whine as well).	2004-07-12 11:24:55 +00:00
Bodo Möller	ca74b76f3e	improve wording	2004-07-12 06:23:28 +00:00
Richard Levitte	2b6174c478	Some test programs in crypto/sha were named differently than usual...	2004-07-11 20:30:33 +00:00
Richard Levitte	2b002273f3	'SSL_add_dir_cert_subjects_to_stack' is longer than 31 characters. Lucky me, I had prepared for this :-).	2004-07-11 20:22:37 +00:00
Richard Levitte	15d155e45a	o_dir needs to be compiler with the warnings about dollar signs in identities disabled.	2004-07-11 20:21:56 +00:00
Richard Levitte	b0841348b6	In some cases, EVMSERR isn't visible (that's fairly new...). Don't have a constant that you're going to assign to, that's just plain stupid (I was the stupidhead here...).	2004-07-11 20:21:19 +00:00
Andy Polyakov	090e81d4aa	Integration of RC4 AMD64 module.	2004-07-11 16:49:09 +00:00
Andy Polyakov	e4528e48e3	RC4 tune-up for AMD64. Performance improvement of 2.22x is measured for linux-x86_64 target.	2004-07-11 16:44:07 +00:00
Bodo Möller	235dee1421	BIS correction/addition	2004-07-11 08:58:43 +00:00
Richard Levitte	d28f7bc74d	make update	2004-07-10 13:18:23 +00:00
Richard Levitte	4083a229b4	Use the new directory reading functions.	2004-07-10 13:17:16 +00:00
Richard Levitte	a2400fcab8	Copy a few files from LPlib (a new project of mine), add a wrapper. Now we have directory reading capabilities for VMS as well, and all of it in a fairly general manner.	2004-07-10 13:16:02 +00:00
Richard Levitte	dc56eb5079	o_str.c: Windows doesn't have <strings.h>, and since we use _strnicmp() and _stricmp() on that platform, use the appropriate header file for it, <string.h>. o_str.h: we only want to get size_t, which is defined in <stddef.h>. Philippe Bougeret <philippe.bougeret@freesbee.fr> notified us about Windows not having a <strings.h>	2004-07-08 08:32:48 +00:00
Dr. Stephen Henson	637ff35ef6	Delta CRL support in extension code.	2004-07-06 17:16:40 +00:00
Geoff Thorpe	ace3ebd661	Improve error handling if decompression of an ec point fails, and cleanup ec_curve.c (unify comments, etc). Submitted by: Nils Larsch Reviewed by: Bodo Moeller, Geoff Thorpe	2004-07-06 15:50:04 +00:00
Dr. Stephen Henson	eea674567c	Delete non-POSIX header file.	2004-07-04 16:48:27 +00:00
Dr. Stephen Henson	c39c32dd65	PKCS#8 fixes from stable branch.	2004-07-04 16:44:52 +00:00
Dr. Stephen Henson	0efea28dcb	Don't try to parse non string types.	2004-07-01 18:15:33 +00:00
Dr. Stephen Henson	4bab9b763d	Stop compiler warnings with debug-steve	2004-07-01 18:14:31 +00:00
Richard Levitte	70696f4525	Explain a little better what BN_num_bits() and BN_num_bits_word() do. Add a note as to how these functions do not always return the key size, and how one can deal with that. PR: 907	2004-07-01 12:33:39 +00:00
Andy Polyakov	80bbc9ceaf	Minor (+12% on P4) performance tweak for sha512_block_sse2.	2004-07-01 11:29:00 +00:00
Andy Polyakov	51ce5230cd	AES assembler implementation for IA-64. Note that there is no anchor from C code yet...	2004-07-01 11:15:23 +00:00
Andy Polyakov	b6d8ba11e9	New SHA algorithms assembler implementation for IA-64. Note that despite module name both SHA-256 and SHA-512 are supported.	2004-07-01 11:13:44 +00:00
Andy Polyakov	e2f2a9af2c	New scalable bn_mul_add_words loop, which provides up to >20% overall performance improvement. Make module more gcc friendly and clarify copyright issues for division routine.	2004-07-01 11:10:38 +00:00
Richard Levitte	28a8003467	Changes for VOS, submitted by Paul Green <Paul.Green@stratus.com>. PR: 499	2004-06-28 22:01:37 +00:00
Richard Levitte	563cd0f2b0	Make the tests of EVP operations without padding. As a consequence, there's no need for a larger BUFSIZE any more... PR: 904	2004-06-28 16:32:12 +00:00
Richard Levitte	3ac0f28837	Make sure that the buffers are large enough to contain padding. PR: 904	2004-06-28 12:23:35 +00:00
Richard Levitte	47c1735acd	NetWare fixes provided by Verdon Walker for OpenSSL 0.9.8-dev. The changes have been mailed to <crypt@bis.doc.gov> as well. PR: 903	2004-06-28 11:55:28 +00:00
Richard Levitte	7d3932e8cf	Linux on ARM needs -ldl PR: 905	2004-06-28 10:31:03 +00:00
Dr. Stephen Henson	8a60547896	Reformat pkcs8 source.	2004-06-24 13:10:54 +00:00
Geoff Thorpe	d459e39012	Tidy up, including; - Remove unused and unuseful debug cruft. - Remove unnecessary 'top' fudging from BN_copy(). - Fix a potential memory leak and simplify the expansion logic in BN_bin2bn(). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-06-20 04:16:12 +00:00
Dr. Stephen Henson	afd61c63c2	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:14 +0000	2004-06-19 13:18:03 +00:00
Dr. Stephen Henson	9a2073b4cd	file fips_dh_key.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:14 +0000	2004-06-19 13:16:54 +00:00
Dr. Stephen Henson	f28468188b	file fips_dh_gen.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:14 +0000	2004-06-19 13:16:52 +00:00
Dr. Stephen Henson	8871d87512	file fips_dh_check.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:14 +0000	2004-06-19 13:16:49 +00:00
Dr. Stephen Henson	a2b81188be	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:14 +0000	2004-06-19 13:16:47 +00:00
Geoff Thorpe	340f5856ec	Incomplete initial sweep over the engine code. Mainly reducing some comment-noise to managable levels and inverting the sense of the "uptodate" boolean (which was counter-intuitive the way I'd left it).	2004-06-19 03:58:42 +00:00
Geoff Thorpe	df11e1e921	Deprecate unused cruft, and "make update".	2004-06-17 23:50:25 +00:00
Geoff Thorpe	6a6592962c	Attempt to bring the 'engine' documentation up to date w.r.t missing prototypes, etc. Also, some fairly significant edits were made to the text (who wrote this crap anyway? oh wait ...), removing stuff which is overkill, rewriting stuff that was opaque, correcting things that were just downright false, etc.	2004-06-17 23:40:14 +00:00
Geoff Thorpe	1275c4569e	Minor change to group like functions together.	2004-06-17 23:35:45 +00:00
Geoff Thorpe	afbe74d386	Actually, that last change to BN_get_word() was a little too simple.	2004-06-17 22:05:40 +00:00
Geoff Thorpe	f18ea6cae9	Get rid of signed/unsigned warnings, and teach CVS about new things to ignore.	2004-06-17 20:28:28 +00:00
Geoff Thorpe	c9ff40cecd	Tweak my debug target flags.	2004-06-17 20:26:21 +00:00
Geoff Thorpe	9088d5f24f	As Nils put it; Yet another question: some time ago you changed BN_set_word. Why didn't you change BN_get_word as well? Quite. I'm also removing the older commented-out implementations to improve readability. This complex stuff seems to date from a time when the types didn't match up well. Submitted by: Nils Larsch, Geoff Thorpe	2004-06-17 20:13:50 +00:00
Geoff Thorpe	cf9056cfda	BN_div_word() was breaking when called from BN_bn2dec() (actually, this is the only function that uses it) because it would trip up an assertion in bn_div_words() when first invoked. This also adds BN_div_word() testing to bntest. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-06-17 20:03:56 +00:00
Richard Levitte	f7fc4ca1dd	Making some values explicitely unsigned was derived from ongoing work that isn't yet committed. It wasn't meant to be committed already, so I'm removing it for now.	2004-06-15 12:52:26 +00:00
Richard Levitte	132fc53223	Typo, setting the first element of nids[] to NULL instead of setting *cnids.	2004-06-15 11:45:42 +00:00
Geoff Thorpe	b3b6720944	Correct the return codes for ecdsatest. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-06-14 23:37:32 +00:00
Lutz Jänicke	9f6ea7163b	More precise explanation of session id context requirements.	2004-06-14 13:27:28 +00:00
Andy Polyakov	385c8e89f4	SHA fails to compile on x86_64 if compiled with custom flags, without recommended -DMD32_REG_T=int in particular. PR: 893 Submitted by: Michal Ludvig <michal-list@logix.cz>	2004-06-11 17:50:57 +00:00
Geoff Thorpe	263e3151e2	"no-engine" was being ignored, so remove it from the advertised syntax. Also remove some commented-out lines of code that deny CVS its purpose.	2004-06-03 03:34:53 +00:00
Geoff Thorpe	9081980565	This fixes the installation target for dynamic engines, which was trying to install to a different location than it had created. (BTW, VMS will need a matching fix in eng_list.c.) Note, these aren't ssl-specific, so I'm putting "engines/" into the libs directory rather than at the "--prefix" level or inside "ssl/".	2004-06-01 03:18:58 +00:00
Andy Polyakov	393b704d28	Minimal work-around for ./engine shared builds. "Minimal" means that I think that proper Makefile clean-up is required.	2004-05-31 22:29:26 +00:00
Andy Polyakov	bef26f1158	32-bit PA-RISC requires -Bsymbolic when linking libcrypto.sl. Without this flag RAND_poll ends up in end-less loop calling RAND_add. But don't ask me why...	2004-05-31 17:10:49 +00:00
Andy Polyakov	bc1ca8605c	Working on HP-UX shared support...	2004-05-31 14:50:19 +00:00
Andy Polyakov	ad5003409d	Mention new SHA algorithms in CHANGES. This completes the integration.	2004-05-31 14:03:02 +00:00
Andy Polyakov	057cfaf2f8	Extend HMAC_MAX_MD_CBLOCK to accomodate SHA-512.	2004-05-31 13:28:23 +00:00
Richard Levitte	914d36ba19	make update	2004-05-31 13:16:08 +00:00
Andy Polyakov	31c2ac1cdc	EVP bindings to new SHA algorithms.	2004-05-31 13:14:08 +00:00
Andy Polyakov	6bca8e3886	objects.txt update for SHA-224/-256/-384/-512. SHA-224 ids still appear "draft," but we have to start somewhere... Submitted by: Nils Larsch <nlarsch@compuserve.de>	2004-05-31 13:07:19 +00:00
Andy Polyakov	63ba7e293f	Make sha-256/-512 naming in speed.c consistent with their names as they will appear at EVP leyer.	2004-05-31 12:40:22 +00:00
Andy Polyakov	31e9b9b2e9	Typo in commentary section.	2004-05-31 12:30:41 +00:00
Andy Polyakov	7997b13aa3	Final SHA-256/-512 touches. Extra md_len field in SHA[256\|512]_CTX reserves for truncated hash function output mode and makes SHA224 thread-safe. Next stop is integration with EVP and we're done...	2004-05-31 12:26:18 +00:00
Andy Polyakov	a2eb9688a4	Kill unused macro and reimplement it for that single context it can actually be used, namely x86* platforms [because they don't bomb on unaligned access]. This resulted in 30-40% [depending on message length] improvement for SHA-256 compiled with gcc and running on P4. In the lack of assembler implementation I give the compiler all the help it can possibly get:-)	2004-05-31 12:06:27 +00:00
Richard Levitte	af2bf07404	SHA224_Update() and SHA224_Final() aren't implemented, and since SHA224() uses SHA256_Update() and SHA256_Final() instead, let's just create aliases in form of macros. make update	2004-05-30 16:58:33 +00:00
Andy Polyakov	8c5dfa4c99	Typo in linux-ppc64 target.	2004-05-29 20:32:54 +00:00
Andy Polyakov	8d9fb0f04a	gcc -Wcast-qual clean-up.	2004-05-29 19:11:29 +00:00
Andy Polyakov	15fd2de37c	hpux-shared rules to cover even for GNU ld.	2004-05-28 22:38:05 +00:00
Andy Polyakov	1a83c37294	Unified hpux-shared rule. Verified with both 32- and 64-bit builds and both vendor and GNU compilers. ./engine shared build are still busted. I mean always were...	2004-05-28 22:18:48 +00:00
Andy Polyakov	674ee8b72d	Make sure we return 0 if test passed.	2004-05-28 21:42:40 +00:00
Andy Polyakov	1809e858bb	Eliminate compiler warnings and throw in performance table.	2004-05-28 10:15:58 +00:00
Andy Polyakov	2bbc970e10	Attempt to unify hpux-shared rules. More adjustments might be required after more tests...	2004-05-27 22:23:40 +00:00
Andy Polyakov	da8348e938	SHA-224 test vectors added.	2004-05-27 19:46:07 +00:00
Dr. Stephen Henson	f91f6cd5e4	file install.com was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2004-05-27 10:07:02 +00:00
Dr. Stephen Henson	bd923a7bac	file fips-lib.com was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:09 +0000	2004-05-27 10:04:38 +00:00
Richard Levitte	ef16f45081	Since num is now a size_t, it's not necssary to check for less than 0, AND it avoids warnings on certain systems.	2004-05-27 09:20:42 +00:00
Richard Levitte	4d692e1ba0	Synchronise VMS with the Unixly Malefiles.	2004-05-26 17:05:51 +00:00
Andy Polyakov	6577e16920	Documentation note for Win32 glue between BIO layer and compiler run-time.	2004-05-25 20:32:17 +00:00
Andy Polyakov	3fc378aa0b	Framework for glueing BIO layer and Win32 compiler run-time. Goal is to make it possible to produce for a unified binary build, which can be used with a variety of Win32 compilers.	2004-05-25 20:31:03 +00:00
Richard Levitte	f2bfbcef76	make update	2004-05-25 09:41:00 +00:00
Richard Levitte	6713a4835f	Move some COMP functions to be inside the #ifndef OPENSSL_NO_COMP wrapping preprocessor directive. This also removes a duplicate declaration.	2004-05-20 23:47:57 +00:00
Andy Polyakov	46ceb15c39	SHA-256/-512 test and benchmark.	2004-05-20 21:49:38 +00:00
Andy Polyakov	109d3123c3	While size_t-fying let's not forget to update documentation:-)	2004-05-20 21:39:50 +00:00
Andy Polyakov	63077bd40c	SHA-256/-512 update. A bug fix, SHA-512 tune-up for AMD64, hook for SSE2 code, Makefile update.	2004-05-20 21:24:41 +00:00
Andy Polyakov	df364f1b00	Stress collector/padding function.	2004-05-20 21:20:19 +00:00
Andy Polyakov	bc767216d9	Final API adaptation. Final, "all openssl" performance numbers [not mixture of different implementations]. Real-life performance improvement is rated at 2-3x, not 6x as preliminary announced.	2004-05-20 21:18:09 +00:00
Dr. Stephen Henson	cacd830f02	Delete unused function from libeay.num, replace with one that does exist.	2004-05-19 17:08:05 +00:00
Dr. Stephen Henson	eda52e175a	Delete obsolete and unimplemented function.	2004-05-19 17:05:02 +00:00
Dr. Stephen Henson	665560e9a4	Add SHA256 and SHA512 algorithms to mkdef.pl. Fix mkdef.pl script to avoid infinite loop when parsing sha.h.	2004-05-19 17:03:59 +00:00
Richard Levitte	c4fc8b5bf4	X509_policy_lib_init is declared but not defined, so it raises havoc when trying to build a shared library on VMS or Windows...	2004-05-19 14:19:51 +00:00
Geoff Thorpe	9c52d2cc75	After the latest round of header-hacking, regenerate the dependencies in the Makefiles. NB: this commit is probably going to generate a huge posting and it is highly uninteresting to read.	2004-05-17 19:26:06 +00:00
Geoff Thorpe	0f814687b9	Deprecate the recursive includes of bn.h from various API headers (asn1.h, dh.h, dsa.h, ec.h, ecdh.h, ecdsa.h, rsa.h), as the opaque bignum types are already declared in ossl_typ.h. Add explicit includes for bn.h in those C files that need access to structure internals or API functions+macros.	2004-05-17 19:14:22 +00:00
Geoff Thorpe	f0eae953e2	Remove some unnecessary recursive includes from the internal apps.h header, and include bn.h in those C files that need bignum functionality.	2004-05-17 19:05:32 +00:00
Geoff Thorpe	298a2f9e58	Because of recent reductions in header interdependencies, these files need to include crypto.h directly.	2004-05-17 19:01:15 +00:00
Geoff Thorpe	ac0d0a5ecd	I can't verify this directly, but recent changes will probably require that the cryptodev implementation include bn.h directly (when building with OPENSSL_NO_DEPRECATED that is).	2004-05-17 18:58:47 +00:00
Geoff Thorpe	f15390bdb4	The inclusion of bn.h from the engine.h API header has been deprecated, so the engine implementations need to include bn.h to manipulate bignums.	2004-05-17 18:56:15 +00:00
Geoff Thorpe	d095b68d63	Deprecate quite a few recursive includes from the ssl.h API header and remove some unnecessary includes from the internal header ssl_locl.h. This then requires adding includes for bn.h in four C files.	2004-05-17 18:53:47 +00:00
Geoff Thorpe	508999fa7d	Deprecate some recursive includes from the store.h API header, and put back required includes back via the internal header and str_lib.c.	2004-05-17 18:49:06 +00:00
Geoff Thorpe	210a21bc8d	Reduce dependencies on crypto.h by moving the opaque definition of CRYPTO_EX_DATA and the new/free/dup callback prototypes to ossl_typ.h.	2004-05-17 18:39:00 +00:00
Geoff Thorpe	678c1e025b	Moving opaque definitions to ossl_typ.h lets us reduce header dependencies. Deprecate inclusion of crypto.h from ui.h.	2004-05-17 18:01:28 +00:00
Andy Polyakov	1ab61a9179	Make reservations for FIPS code in HEAD branch, so that the moment FIPS comes in we have required macros in place.	2004-05-17 15:49:13 +00:00
Geoff Thorpe	d6dda126b7	Make some more API types opaquely available from ossl_typ.h, meaning the corresponding headers are only required for API functions or structure details. This now includes the bignum types and BUF_MEM. Subsequent commits will remove various dependencies on bn.h and buffer.h and update the makefile dependencies.	2004-05-15 18:32:08 +00:00
Geoff Thorpe	7771b6c5b5	This file implements various functions that have since been redefined as macros. I'm removing this from the NO_DEPRECATED build.	2004-05-15 18:26:15 +00:00
Dr. Stephen Henson	4843acc868	Fixes so alerts are sent properly in s3_pkt.c PR: 851	2004-05-15 17:55:07 +00:00
Andy Polyakov	9e0aad9fd6	size_t-fication of message digest APIs. We should size_t-fy more APIs...	2004-05-15 11:29:55 +00:00
Richard Levitte	1c7a0e2856	Reimplement old functions, so older software that link to libcrypto don't crash and burn.	2004-05-14 17:56:30 +00:00
Richard Levitte	abd23881c1	Synchronise o_str.c between 0.9.8-dev and 0.9.7-stable.	2004-05-13 22:39:56 +00:00
Richard Levitte	d1739eb2d6	make update	2004-05-13 21:38:47 +00:00
Richard Levitte	2faa930bb0	Let's make life easier and have the VMS version of the configuration be generated from the Unixly configuration file.	2004-05-13 21:38:26 +00:00
Andy Polyakov	e14f4aab0a	CHANGES to mention improved PowerPC platform support.	2004-05-13 13:58:44 +00:00
Andy Polyakov	c842261b1b	SHA-224/-256/-384/-512 implementation. This is just sheer code commit. Makefile modifications, make test, etc. will appear later...	2004-05-13 13:48:33 +00:00
Dr. Stephen Henson	df368ecce4	Make self signing option of 'x509' use random serial numbers too.	2004-05-12 18:20:37 +00:00
Andy Polyakov	1e6bccc240	SSE2 SHA512_Transform implementation. No, it's not used anywhere yet and is subject to change as C implementation is added...	2004-05-06 10:41:07 +00:00
Andy Polyakov	d3adc3d3ed	SSE2 accelerated bn_mul_add_words. Code is currently disabled till proper config and run-time support is added. PR: 788 Submitted by: <dean@arctic.org> Reviewed by: <appro> Obtained from: http://arctic.org/~dean/crypto/rsa.html	2004-05-06 10:36:49 +00:00
Andy Polyakov	10e7d6d526	Support for IA-32 SSE2 instruction set.	2004-05-06 10:31:09 +00:00
Richard Levitte	8d472bdd84	Remove the creation of $(INSTALL_PREFIX)$(OPENSSLDIR)/lib, since we don't use it. Notified by Frédéric L. W. Meunier <0@pervalidus.tk> in PR 713	2004-05-06 09:46:41 +00:00
Richard Levitte	430d7afd80	When the pointer 'from' changes, it's stored length needs to change as well. Notified by Frank Kardel <kardel@acm.org> in PR 879.	2004-05-06 09:33:22 +00:00
Geoff Thorpe	ca982e4870	Fix realloc usage in ec_curve.c Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-05-04 20:08:55 +00:00
Bodo Möller	d5f686d808	- update from current 0.9.6-stable CHANGES file - update from current 0.9.7-stable CHANGES file: Now here we have "CHANGES between 0.9.7e and 0.9.8", and I hope that all patches mentioned for 0.9.7d and 0.9.7e actually are in the CVS HEAD, i.e. what is to become 0.9.8. I have rewritten the 'openssl ca -create_serial' entry (0.9.8) so that it explains the earlier change that is now listed (0.9.7e). The ENGINE_set_default typo bug entry has been moved from 0.9.8 to 0.9.7b, which is where it belongs.	2004-05-04 01:15:48 +00:00
Geoff Thorpe	08e1cbc62c	The new BN_CTX code makes this sort of abuse unnecessary.	2004-04-28 18:34:39 +00:00
Andy Polyakov	b6b4fdc9e2	Oops! Typo in ./config...	2004-04-27 22:17:25 +00:00
Andy Polyakov	dd55880644	Improved PowerPC support. Proper ./config support for ppc targets, especially for AIX. But most important BIGNUM assembler implementation submitted by IBM. Submitted by: Peter Waltenberg <pwalten@au1.ibm.com> Reviewed by: appro	2004-04-27 22:05:50 +00:00
Dr. Stephen Henson	bd1640bb01	Make ASN1 code work again...	2004-04-27 18:33:40 +00:00
Geoff Thorpe	081991ac01	With the new dynamic BN_CTX implementation, there should be no need for additional contexts.	2004-04-27 13:24:51 +00:00
Geoff Thorpe	8a85c341fe	The problem of rsa key-generation getting stuck in a loop for (pointlessly) small key sizes seems to result from the code continually regenerating the same prime value once the range is small enough. From my tests, this change fixes the problem by setting an escape velocity of 3 repeats for the second of the two primes. PR: 874	2004-04-26 15:38:44 +00:00
Geoff Thorpe	bcfea9fb25	Allow RSA key-generation to specify an arbitrary public exponent. Jelte proposed the change and submitted the patch, I jiggled it slightly and adjusted the other parts of openssl that were affected. PR: 867 Submitted by: Jelte Jansen Reviewed by: Geoff Thorpe	2004-04-26 15:31:35 +00:00
Dr. Stephen Henson	f3f52d7f45	More ASN1 reformat/tidy.	2004-04-25 12:46:39 +00:00
Dr. Stephen Henson	8845420f4e	Reformat/tidy some of the ASN1 code.	2004-04-24 17:02:48 +00:00
Dr. Stephen Henson	d735c64905	Fix leak. PR:870	2004-04-22 12:37:16 +00:00
Geoff Thorpe	955d465c2c	As far as I can tell, the bugfix this comment refers to was committed to 0.9.7-stable as well as HEAD (and doesn't apply to the 0.9.6-engine variant).	2004-04-21 15:12:20 +00:00
Geoff Thorpe	8c521c7a34	Extend the index parameter checking from sk_value to sk_set(). Also tidy up some similar code elsewhere. Thanks to Francesco Petruzzi for bringing this to my attention.	2004-04-21 15:08:56 +00:00
Dr. Stephen Henson	77475142ec	New option to 'x509' -next_serial. This outputs the certificate serial number plus 1 to the output file. Its purpose is to allow serial number files to be initialized when random serial numbers are used.	2004-04-21 12:46:20 +00:00
Dr. Stephen Henson	90fac84066	Use X509_get_serialNumber() instead of accessing internals in x509.c	2004-04-21 12:43:21 +00:00
Dr. Stephen Henson	64674bcc8c	Reduce chances of issuer and serial number duplication by use of random initial serial numbers. PR: 842	2004-04-20 12:05:26 +00:00
Richard Levitte	1dc2d655ad	Whooaaaaa, the BN_CTX_DEBUG macro really produces output these days... A little too much for my tests, currently...	2004-04-20 11:53:33 +00:00
Richard Levitte	863d2b196f	Print the debug thingies on stderr instead of stdout. If for nothing else then at least so bc doesn't have problems parsing the output from bntest :-).	2004-04-20 10:57:07 +00:00
Geoff Thorpe	c57bc2dc51	make update	2004-04-19 18:33:41 +00:00
Geoff Thorpe	6c0dcdc211	"make update" noticed a new function.	2004-04-19 18:32:19 +00:00
Geoff Thorpe	28ded31b97	More updates for the header cleanups (and apologies, again, for not having consolidated these prior to committing).	2004-04-19 18:30:41 +00:00
Geoff Thorpe	0fc07a0f9c	When generating dependencies in the makefiles, generate the reduced dependencies of the OPENSSL_NO_DEPRECATED mode. This prevents dependencies being reproduced for "deprecated" header behaviour when a developer doesn't define the symbol (with the subsequent CVS wars that can ensue).	2004-04-19 18:19:24 +00:00
Geoff Thorpe	823a67b0a9	header cleanup in apps/	2004-04-19 18:13:07 +00:00
Geoff Thorpe	60a938c6bc	(oops) Apologies all, that last header-cleanup commit was from the wrong tree. This further reduces header interdependencies, and makes some associated cleanups.	2004-04-19 18:09:28 +00:00
Geoff Thorpe	3a87a9b9db	Reduce header interdependencies, initially in engine.h (the rest of the changes are the fallout). As this could break source code that doesn't directly include headers for interfaces it uses, changes to recursive includes are covered by the OPENSSL_NO_DEPRECATED symbol. It's better to define this when building and using openssl, and then adapt code where necessary - this is how to stay current. However the mechanism exists for the lethargic.	2004-04-19 17:46:04 +00:00
Dr. Stephen Henson	ae44fc1ec4	Clear error if unique_subject lookup fails.	2004-04-15 00:32:19 +00:00
Dr. Stephen Henson	28722cf212	Add some root CAs.	2004-04-13 17:47:37 +00:00
Geoff Thorpe	2749276b95	Avoid undefined results when the parameter is out of range.	2004-04-02 06:25:11 +00:00
Dr. Stephen Henson	b6a5fdb8a7	Don't use C++ reserved word.	2004-04-01 22:23:46 +00:00
Dr. Stephen Henson	bf5773fa2d	Oops forgot CHANGES entry.	2004-03-31 12:55:33 +00:00
Dr. Stephen Henson	ecf139917d	New function X509_POLICY_NODE_print()	2004-03-31 12:17:24 +00:00
Richard Levitte	ab23d5ffda	Add symbol hacks for some long names. make update	2004-03-29 08:13:49 +00:00
Andy Polyakov	1a979201d5	This is essentially Intel 32-bit compiler tune-up. To start with all available compiler versions generated bogus machine code trying to compile new crypto/des/cfb_enc.c. Secondly, 8th version defines __GNUC__ macro, but fails to compile some inline assembler correctly. Note that all versions of icc implement MSC-like _lrot[rl] intrinsic, which is used now instead of offensive asm. Finally, unnecessary linker dependencies are eliminated. Most notably dependency from libirc.a caused trouble at application start-up, if libcrypto.so is linked with -Bsymbolic (which it is).	2004-03-28 21:27:47 +00:00
Dr. Stephen Henson	216659eb87	Enhance EVP code to generate random symmetric keys of the appropriate form, for example correct DES parity. Update S/MIME code and EVP_SealInit to use new functions. PR: 700	2004-03-28 17:38:00 +00:00
Dr. Stephen Henson	5d6383c83f	Make {i2v,v2i}_ASN1_BIT_STRING global. make update	2004-03-28 12:40:11 +00:00
Dr. Stephen Henson	e07d3a021d	Remove obsolete files.	2004-03-28 12:29:05 +00:00
Dr. Stephen Henson	e1a27eb34a	Allow CRLs to be passed into X509_STORE_CTX. This is useful when the verified structure can contain its own CRLs (such as PKCS#7 signedData). Tidy up some of the verify code.	2004-03-27 22:49:28 +00:00
Dr. Stephen Henson	6446e0c3c8	Extend OID config module format.	2004-03-27 13:30:14 +00:00
Dr. Stephen Henson	beedea2fef	Free up BIO properly when using streaming S/MIME sign.	2004-03-26 00:24:38 +00:00
Dr. Stephen Henson	34be34fdd0	Remove BN_CTX debug from debug-steve	2004-03-25 23:32:06 +00:00
Richard Levitte	0020502a07	SSL_COMP_get_compression_method is a typo (a missing 's' at the end of the symbol name).	2004-03-25 21:32:30 +00:00
Richard Levitte	d530017c00	Move the definition of Win32_rename(), since the macro rename gets undefined in the middle of the code on Windows, and that disrupts operations in functions later that use rename()... PR: 853	2004-03-25 20:09:00 +00:00
Richard Levitte	fd9fa844e2	Wrap code starting with a definition. PR: 854	2004-03-25 20:01:01 +00:00
Richard Levitte	c2dc3ee8d9	Change spaces to symbols in names. PR: 856	2004-03-25 19:52:34 +00:00
Richard Levitte	482c2acf02	Make prototypes for some callback pointers.	2004-03-25 16:21:42 +00:00
Richard Levitte	a481b4b52c	A couple more cases where RAND_add() gets an integer instead of a doule as last argument.	2004-03-25 16:04:02 +00:00
Richard Levitte	a87228031f	RAND_add() wants a double as it's last argument.	2004-03-25 15:52:43 +00:00
Dr. Stephen Henson	b79c82eaab	Fix loads of warnings in policy code. I'll remember to try to compile this with warnings enabled next time :-)	2004-03-25 13:45:58 +00:00
Dr. Stephen Henson	69d1d5e6ce	Fix ASN1 warnings.	2004-03-25 13:37:02 +00:00
Geoff Thorpe	c86f2054f3	Adjust various bignum functions to use BN_CTX for variables instead of locally initialising their own. NB: I've removed the "BN_clear_free()" loops for the exit-paths in some of these functions, and that may be a major part of the performance improvements we're seeing. The "free" part can be removed because we're using BN_CTX. The "clear" part OTOH can be removed because BN_CTX destruction automatically performs this task, so performing it inside functions that may be called repeatedly is wasteful. This is currently safe within openssl due to the fact that BN_CTX objects are never created for longer than a single high-level operation. However, that is only because there's currently no mechanism in openssl for thread-local storage. Beyond that, this might be an issue for applications using the bignum API directly and caching their own BN_CTX objects. The solution is to introduce a flag to BN_CTX_start() that allows its variables to be automatically sanitised on release during BN_CTX_end(). This way any higher-level function (and perhaps the application) can specify this flag in its own BN_CTX_start()/BN_CTX_end() pair, and this will cause inner-loop functions specifying the flag to be ignored so that sanitisation is handled only once back out at the higher level. I will be implementing this in the near future.	2004-03-25 04:32:24 +00:00
Geoff Thorpe	5c98b2caf5	Replace the BN_CTX implementation with my current work. I'm leaving the little TODO list in there as well as the debugging code (only enabled if BN_CTX_DEBUG is defined). I'd appreciate as much review and testing as can be spared for this. I'll commit some changes to other parts of the bignum code shortly to make better use of this implementation (no more fixed size limitations). Note also that under identical optimisations, I'm seeing a noticable speed increase over openssl-0.9.7 - so any feedback to confirm/deny this on other systems would also be most welcome.	2004-03-25 04:16:14 +00:00
Geoff Thorpe	5148710994	Adds warnings about two curves and fixes the "seed" value for two other curves. Submitted by: Nils Larsch	2004-03-25 03:03:52 +00:00
Geoff Thorpe	ea77fc3380	... and this should likewise fix up those RSA implementations that weren't already built and tested.	2004-03-25 02:55:17 +00:00
Geoff Thorpe	46ef873f0b	By adding a BN_CTX parameter to the 'rsa_mod_exp' callback, private key operations no longer require two distinct BN_CTX structures. This may put more "strain" on the current BN_CTX implementation (which has a fixed limit to the number of variables it will hold), but so far this limit is not triggered by any of the tests pass and I will be changing BN_CTX in the near future to avoid this problem anyway. This also changes the default RSA implementation code to use the BN_CTX in favour of initialising some of its variables locally in each function.	2004-03-25 02:52:04 +00:00
Geoff Thorpe	2d2a5ba32a	Damn, I was a bit hasty with my fix and hadn't spotted the linker dependency from asn1.	2004-03-25 02:41:35 +00:00
Geoff Thorpe	2bd4e3379f	Remove some warnings.	2004-03-25 02:24:38 +00:00
Geoff Thorpe	032c3ecb18	Protect against gcc's "warning: cast does not match function type".	2004-03-25 02:19:42 +00:00
Richard Levitte	e703b46598	Don't define fd for platforms that do not use it, as some may not declare fileno() properly	2004-03-24 10:55:48 +00:00
Richard Levitte	0fa793bc7b	Correct constness problems.	2004-03-24 10:50:42 +00:00
Richard Levitte	ba5477eb1a	Make it easier to buld test applications...	2004-03-24 10:50:25 +00:00
Richard Levitte	5c42f62e48	Only build the PKCS#7 test applications if "pkcs7" is present in SDIRS.	2004-03-24 10:48:50 +00:00
Richard Levitte	a08e05d1be	Add store.h among the exported headers on VMS.	2004-03-24 09:52:16 +00:00
Richard Levitte	d342ec3335	o_str.h isn't a public header file, so make sure it will still be included.	2004-03-24 09:43:03 +00:00
Richard Levitte	3d8b8860cf	o_str.h isn't a public header file.	2004-03-24 09:41:33 +00:00
Richard Levitte	a0b5ebeac6	Typo...	2004-03-24 09:40:59 +00:00
Richard Levitte	8ee18dd520	Make sure toupper() is properly declared.	2004-03-24 09:40:23 +00:00
Richard Levitte	f46e76ef50	Make it clear that for RSA_NO_PADDING, flen must be RSA_size(rsa)	2004-03-23 21:01:34 +00:00
Richard Levitte	e725a9660b	make update	2004-03-23 15:06:33 +00:00
Richard Levitte	d7eed1929b	Sync the VMS build with Unix.	2004-03-23 14:50:16 +00:00
Dr. Stephen Henson	4acc3e907d	Initial support for certificate policy checking and evaluation. This is currently very experimental and needs to be more fully integrated with the main verification code.	2004-03-23 14:14:35 +00:00
Richard Levitte	9449e38504	Correct minor spelling error. PR: 845	2004-03-21 23:03:52 +00:00
Richard Levitte	b8b0b5d856	Change \t to real tab in echo argument. PR: 847	2004-03-21 22:50:20 +00:00
Richard Levitte	ec5d8a54e9	Remove a warning for conversion double->long. This has impacts on Windows. PR: 849	2004-03-21 22:39:52 +00:00
Richard Levitte	18a6333180	Make sure fd is defined where it should. PR: 849	2004-03-21 22:36:27 +00:00
Geoff Thorpe	7f663ce430	Note my bignum hijinx in case app maintainers are using CHANGES for their porting efforts. Also, add Richard's name to the prior change.	2004-03-17 18:30:47 +00:00
Geoff Thorpe	e042540f6b	Variety of belt-tightenings in the bignum code. (Please help test this!) - Remove some unnecessary "+1"-like fudges. Sizes should be handled exactly, as enlarging size parameters causes needless bloat and may just make bugs less likely rather than fixing them: bn_expand() macro, bn_expand_internal(), and BN_sqr(). - Deprecate bn_dup_expand() - it's new since 0.9.7, unused, and not that useful. - Remove unnecessary zeroing of unused bytes in bn_expand2(). - Rewrite BN_set_word() - it should be much simpler, the previous complexities probably date from old mismatched type issues. - Add missing bn_check_top() macros in bn_word.c - Improve some degenerate case handling in BN_[add\|sub]_word(), add comments, and avoid a bignum expansion if an overflow isn't possible.	2004-03-17 17:36:54 +00:00
Dr. Stephen Henson	4e8172d6da	Avoid warnings.	2004-03-16 13:51:11 +00:00
Richard Levitte	875a644a90	Constify d2i, s2i, c2i and r2i functions and other associated functions and macros. This change has associated tags: LEVITTE_before_const and LEVITTE_after_const. Those will be removed when this change has been properly reviewed.	2004-03-15 23:15:26 +00:00
Richard Levitte	ec37635c94	It was just pointed out to me that it's better to cast to double...	2004-03-15 23:02:55 +00:00
Richard Levitte	fd836aeee0	Make sure that the last argument to RAND_add() is a float, or some compilers may complain.	2004-03-15 22:37:08 +00:00
Richard Levitte	560f7abb7e	Make sure we use unsigned constants, or come compilers may complain.	2004-03-15 22:33:19 +00:00
Geoff Thorpe	b6358c89a1	Convert openssl code not to assume the deprecated form of BN_zero(). Remove certain redundant BN_zero() initialisations, because BN_CTX_get(), BN_init(), [etc] already initialise to zero. Correct error checking in bn_sqr.c, and be less wishy-wash about how/why the result's 'top' value is set (note also, 'max' is always > 0 at this point).	2004-03-13 23:57:20 +00:00
Geoff Thorpe	5d735465d1	The efforts to eliminate the dual-representation of zero and to ensure bignums are passed in and out of functions and APIs in a consistent form has highlighted that zero-valued bignums don't need any allocated word data. The use of BN_set_word() to initialise a bignum to zero causes needless allocation and gives it a return value that must be checked. This change converts BN_zero() to a self-contained macro that has no return/expression value and does not cause any expansion of bignum data. Note, it would be tempting to rewrite the deprecated version as a success-valued comma expression, such as; #define BN_zero(a) ((a)->top = (a)->neg = 0, 1) However, this evaluates 'a' twice and would confuse initialisation loops (eg. while(..) { BN_zero(bn++) } ). As such, the deprecated version continues to use BN_set_word().	2004-03-13 23:04:15 +00:00
Geoff Thorpe	9e051bac13	Document a change I'd already made, and at the same time, correct the change to work properly; BN_zero() should set 'neg' to zero as well as 'top' to match the behaviour of BN_new().	2004-03-13 22:10:15 +00:00
Andy Polyakov	30fbcaa213	IRIX 6.x shared build fix-up. For reference. Note that both cc and gcc support -Wl flag, but we can't use -Wl,-[not]all with both drivers, because cc rearranges options passed through -Wl. We can't use -Wl,-all,libcrypto.a,-notall with cc either, because it refuses to start with "no input" error.	2004-03-12 21:52:54 +00:00
Dr. Stephen Henson	373c88faef	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2004-03-10 09:23:49 +00:00
Dr. Stephen Henson	14813d8123	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2004-03-10 09:23:47 +00:00
Dr. Stephen Henson	92f2437f48	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:15 +0000	2004-03-10 09:23:45 +00:00
Dr. Stephen Henson	da959761ff	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:13 +0000	2004-03-10 09:23:43 +00:00
Dr. Stephen Henson	d8cd25aa0d	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:12 +0000	2004-03-10 09:23:41 +00:00
Dr. Stephen Henson	d63d4f46fc	file Makefile was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:09 +0000	2004-03-10 09:23:39 +00:00
Geoff Thorpe	93825dddad	static	2004-03-10 01:20:26 +00:00
Geoff Thorpe	a8aa764d3c	Minimise the amount of code dependent on BN_DEBUG_RAND. In particular, redefine bn_clear_top2max() to be a NOP in the non-debugging case, and remove some unnecessary usages in bn_nist.c. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe, Ulf Möller	2004-03-09 03:53:40 +00:00
Geoff Thorpe	e7716b7a19	More changes coming out of the bignum auditing. BN_CTX_get() should ideally return a "zero" bignum as BN_new() does - so reset 'top'. During BN_CTX_end(), released bignums should be consistent so enforce this in debug builds. Also, reduce the number of wasted BN_clear_free() calls from BN_CTX_end() (typically by 75% or so). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe, Ulf Möller	2004-03-09 03:47:35 +00:00
Dr. Stephen Henson	a4e3150f00	Fix policy constraints syntax.	2004-03-08 18:15:32 +00:00
Dr. Stephen Henson	edec614efd	Support for inhibitAnyPolicy extension.	2004-03-08 13:56:31 +00:00
Ulf Möller	2457c19df1	typo	2004-03-06 08:43:36 +00:00
Dr. Stephen Henson	5fa5eb71a4	Cleanup ASN1 OID module when it exits.	2004-03-05 23:47:56 +00:00
Dr. Stephen Henson	3f39976da3	Call autoconfig code in pkcs7 utility.	2004-03-05 23:46:29 +00:00
Dr. Stephen Henson	216ad9ef58	Memory leak fix.	2004-03-05 23:39:42 +00:00
Dr. Stephen Henson	bc50157010	Various X509 fixes. Disable broken certificate workarounds when X509_V_FLAG_X509_STRICT is set. Check for CRLSign in CRL issuer certificates. Reject CRLs with unhandled (any) critical extensions.	2004-03-05 17:16:35 +00:00
Dr. Stephen Henson	91180d45f9	Typos. Reported by: Jose Castejon-Amenedo <Jose.Castejon-Amenedo@hp.com>	2004-03-04 21:44:39 +00:00
Richard Levitte	d9f40bbe55	Make our page with pointers to binary distributions visible in the FAQ	2004-03-04 07:47:40 +00:00
Dr. Stephen Henson	ec7c9ee8b8	Indent some of the code examples.	2004-03-02 13:39:23 +00:00
Dr. Stephen Henson	f82bb9cb9c	Config docs.	2004-03-02 13:31:32 +00:00
Dr. Stephen Henson	5a8922aed5	Documentation of the KISS autoconfig functions.	2004-03-02 01:01:11 +00:00
Dr. Stephen Henson	f2c1812560	More autoconfig docs.	2004-03-01 19:15:24 +00:00
Richard Levitte	4cfa4ae820	Avoid a memory leak in OCSP_parse_url(). Notified by Paul Siegel <psiegel@corestreet.com>	2004-03-01 14:58:22 +00:00
Dr. Stephen Henson	a30af36c77	Initial docs for the OpenSSL library configuration via openssl.cnf	2004-03-01 01:04:40 +00:00
Geoff Thorpe	5075521e75	Add ECDSA documentation. Submitted by: Nils Larsch	2004-02-27 23:03:23 +00:00
Richard Levitte	ee3a47a994	AES is spelled AES, not ASE. Oops...	2004-02-27 02:24:49 +00:00
Richard Levitte	f727266ae8	Make sure the given EVP_PKEY is updated in the PEM_STRING_PKCS8INF case also. PR: 833	2004-02-26 22:07:45 +00:00
Richard Levitte	8bb0c8522a	Document the AES options for 'openssl smime'. PR: 834	2004-02-26 21:44:41 +00:00
Geoff Thorpe	c6700d2746	A cleanup of the ecs_ossl.c code and some (doxygen) comments for ecdsa.h Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-02-22 19:32:53 +00:00
Geoff Thorpe	1b06804491	When adding positive elements, we can use BN_uadd() instead of BN_add(). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2004-02-22 19:30:41 +00:00
Dr. Stephen Henson	dc90f64d56	Use an OCTET STRING for the encoding of an OCSP nonce value. The old raw format can't be handled by some implementations and updates to RFC2560 will make this mandatory.	2004-02-19 18:16:38 +00:00
Dr. Stephen Henson	52161e090d	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2004-02-13 21:56:21 +00:00
Geoff Thorpe	6c43032121	minor signed/unsigned warning fixes	2004-02-10 18:46:10 +00:00
Dr. Stephen Henson	37ead9be0b	Fix handling of -offset and -length in asn1parse tool. If -offset exceeds -length of data available exit with an error. Don't read past end of total data available when -offset supplied. If -length exceeds total available truncate it.	2004-02-08 13:30:04 +00:00
Andy Polyakov	1751034669	Typo in crypto/bn/asm/x86_64.c, bn_div_words(). PR: 821	2004-02-07 09:51:28 +00:00
Dr. Stephen Henson	d4575825f1	Add flag to avoid continuous memory allocate when calling EVP_MD_CTX_copy_ex(). Without this HMAC is several times slower than < 0.9.7.	2004-02-01 13:39:51 +00:00
Dr. Stephen Henson	9e55e06501	file fips_test_suite.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2004-01-30 19:22:17 +00:00
Andy Polyakov	d04b1b4656	Typo in PA-RISC 2 rules in crypto/bn/Makefile.ssl	2004-01-30 05:41:23 +00:00
Andy Polyakov	1247092776	HP/UX PA-RISC 2 targets update.	2004-01-29 22:16:08 +00:00
Richard Levitte	7e22a1df55	Remove typos	2004-01-29 11:24:32 +00:00
Richard Levitte	bb5810d21d	-Wtraditional was a little too much...	2004-01-29 10:56:18 +00:00
Richard Levitte	61a88c31c0	Typo	2004-01-29 02:55:43 +00:00
Richard Levitte	b86ed8d18f	In the development branch, it feels quite all right to warn on a lot more stuff.	2004-01-29 00:05:09 +00:00
Richard Levitte	e5886a2388	make update	2004-01-28 19:07:41 +00:00
Richard Levitte	8d1ebe0bd1	Add the missing parts for DES CFB1 and CFB8. Add the corresponding AES parts while I'm at it. make update	2004-01-28 19:05:35 +00:00
Richard Levitte	1fb724449d	make update	2004-01-28 18:38:33 +00:00
Richard Levitte	721a5e83f9	Unsigned vs. signed problem removed	2004-01-28 08:48:11 +00:00
Andy Polyakov	6df617a59d	#undef _POSIX_C_SOURCE in ui_openssl.c ruined IRIX builds. Comment on why _POSIX_C_SOURCE needed in first place.	2004-01-27 22:06:48 +00:00
Andy Polyakov	8c6336b0aa	CFB DES sync-up with FIPS branch.	2004-01-27 21:47:35 +00:00
Richard Levitte	87203dc99a	Avoid signed vs. unsigned warnings (which are treated like errors on Windows).	2004-01-27 01:16:38 +00:00
Richard Levitte	4de65cbc06	S_IFBLK and S_IFCHR may not exist in some places (like Windows), so let's check for those macros, and if they aren't defined, let's assume there aren't Unixly devices on this platform.	2004-01-26 23:45:32 +00:00
Andy Polyakov	27b2b78f90	Even though C specification explicitly says that constant type "stretches" automatically to accomodate the value, some compilers fail to do so. Most notably 0x0123456789ABCDEF should come out as long long in 32-bit context, but HP compiler truncates it to 32-bit value. Which in turn breaks GF(2^m) arithmetics in hpux-parisc2-cc build. Therefore this fix...	2004-01-25 10:53:43 +00:00
Andy Polyakov	3a160f1dc6	Fix declaration inconsistency in ecparam.c.	2004-01-24 16:51:59 +00:00
Andy Polyakov	7f24b1c3e9	Get rid of bogus warning when compiling with Sun vendor compiler.	2004-01-24 16:31:21 +00:00
Richard Levitte	a5e8bcfb7b	We're passed p, so let's use p instead of making assumptions.	2004-01-24 01:16:02 +00:00
Richard Levitte	9d5c3c1939	Typo...	2004-01-22 22:36:46 +00:00
Dr. Stephen Henson	815d7057be	Replace expired certificate.	2004-01-21 13:08:11 +00:00
Andy Polyakov	30cb9ec715	SHA-1 assembler tune-up for Intel P4	2004-01-21 08:17:08 +00:00
Richard Levitte	af6dab9b00	Adding a slash between the directoryt and the file is a problem with VMS. The C RTL can handle it well if the "directory" is a logical name with no colon, therefore ending being 'logname/file'. However, if the given logical names actually has a colon, or if you use a full VMS-syntax directory, you end up with 'logname:/file' or 'dev:[dir1.dir2]/file', and that isn't handled in any good way. So, on VMS, we need to check if the directory string ends with a separator (one of ':', ']' or '>' (< and > can be used instead [ and ])), and handle that by not inserting anything between the directory spec and the file name. In all other cases, it's assumed the directory spec is a logical name, so we need to place a colon between it and the file. Notified by Kevin Greaney <kevin.greaney@hp.com>.	2004-01-10 18:04:38 +00:00
Lutz Jänicke	cdb42bcf0c	Cover all DSA setups when running tests PR: #748 Submitted by: Kirill Kochetkov <kochet@ixbt.com>	2004-01-08 07:46:37 +00:00
Lutz Jänicke	fc56b52924	Updates to s_time manual page PR: #570 Submitted by: Martin Witzel <MWITZEL@de.ibm.com>	2004-01-08 07:38:15 +00:00
Lutz Jänicke	a32fc687de	Add s_time manual page Submitted by: "Martin Witzel" <MWITZEL@de.ibm.com> PR: #570	2004-01-04 18:59:14 +00:00
Lutz Jänicke	c0017a5a65	Update URI Submitted by: Gertjan van Oosten <gertjan@West.NL> PR: #804	2004-01-04 18:05:50 +00:00
Lutz Jänicke	344e86645d	unintptr_t and <inttypes.h> are not strictly portable with respect to ANSI C 89. Undo change to maintain compatibility.	2004-01-04 17:53:21 +00:00
Richard Levitte	075521725d	Fix Perl problems on sparc64. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 16:13:18 +00:00
Richard Levitte	5fdf06666c	Avoid including cryptlib.h, it's not really needed. Check if IDEA is being built or not. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 16:10:30 +00:00
Richard Levitte	f28e8bd300	Only use environment variables if uid and gid are the same as euid and egid. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 16:07:20 +00:00
Richard Levitte	de02ec2767	Check if a random "file" is really a device file, and treat it specially if it is. Add a few OpenBSD-specific cases. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 16:02:22 +00:00
Richard Levitte	112341031b	Correct documentation typos. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 15:04:54 +00:00
Richard Levitte	7cf803230b	OpenBSD-internal changes. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 15:02:56 +00:00
Richard Levitte	79b42e7654	Use sh explicitely to run point.sh This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:59:07 +00:00
Richard Levitte	f0c5db92f7	Include strings.h so strcasecmp() and strncasecmp() get properly declared.	2003-12-27 14:54:48 +00:00
Richard Levitte	d420ac2c7d	Use BUF_strlcpy() instead of strcpy(). Use BUF_strlcat() instead of strcat(). Use BIO_snprintf() instead of sprintf(). In some cases, keep better track of buffer lengths. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:40:17 +00:00
Richard Levitte	b79aa47a0c	Add a newline at the end of the last line. This is part of a large change submitted by Markus Friedl <markus@openbsd.org>	2003-12-27 14:26:14 +00:00
Dr. Stephen Henson	e88c577738	Typos.	2003-12-20 22:48:21 +00:00
Richard Levitte	a2b0de98af	To figure out if we're going outside the buffer, use the size of the buffer, not the size of the integer used to index in said buffer. PR: 794 Notified by: Rhett Garber <rhett_garber@hp.com>	2003-12-11 18:01:03 +00:00
Richard Levitte	4775944f81	Document that you need to include x509.h (to get [i2d\|d2i]_RSA_PUBKEY()). Correct the typo PUKEY...	2003-12-10 14:31:55 +00:00
Richard Levitte	2abd5b7aa0	Document that you need to include x509.h (to get [i2d\|d2i]_DSA_PUBKEY()). Correct the typo PUKEY...	2003-12-10 13:57:51 +00:00
Ulf Möller	380e145daf	Add "dif" variable to clean up the loop implementations. Submitted by: Nils Larsch	2003-12-06 11:55:46 +00:00
Ulf Möller	a9f2330f43	Skip a curve with generator of non-prime order. Submitted by: Nils Larsch	2003-12-06 11:41:22 +00:00
Ulf Möller	ce38bb1a8c	Avoid segfault if ret==0. Submitted by: Nils Larsch	2003-12-06 11:39:37 +00:00
Lutz Jänicke	919f8bcd21	Restructure make targets to allow parallel make. Submitted by: Witold Filipczyk <witekfl@poczta.gazeta.pl> PR: #513	2003-12-03 16:29:41 +00:00
Geoff Thorpe	2bfd2c74d2	Incremental cleanups to bn_lib.c. - Add missing bn_check_top() calls and relocate some others - Use BN_is_zero() where appropriate - Remove assert()s that bn_check_top() is already covering - Simplify the code in places (esp. bn_expand2()) - Only keep ambiguous zero handling if BN_STRICT isn't defined - Remove some white-space and make some other aesthetic tweaks	2003-12-02 20:01:30 +00:00
Geoff Thorpe	82b2f57e30	Use the BN_is_odd() macro in place of code that (inconsistently) does much the same thing. Also, I have some stuff on the back-burner related to some BN_CTX notes from Peter Gutmann about his cryptlib hacks to the bignum code. The BN_CTX comments are there to remind me of some relevant points in the code.	2003-12-02 03:28:24 +00:00
Geoff Thorpe	2ae1ea3788	BN_FLG_FREE is of extremely dubious usefulness, and is only referred to once in the source (where it is set for the benefit of no other code whatsoever). I've deprecated the declaration in the header and likewise made the use of the flag conditional in bn_lib.c. Note, this change also NULLs the 'd' pointer in a BIGNUM when it is reset but not deallocated.	2003-12-02 03:16:56 +00:00
Geoff Thorpe	34066d741a	Declare the static BIGNUM "BN_value_one()" more carefully.	2003-12-01 23:13:17 +00:00
Geoff Thorpe	b74cc0776b	Add missing bn_check_top()s to bn_kron.c, remove some miscellaneous white-space, and include extra headers to satisfy debugging builds.	2003-12-01 23:11:45 +00:00
Geoff Thorpe	e7e5fe4705	Add missing bn_check_top()s to bn_gf2m.c and remove some miscellaneous white-space.	2003-12-01 23:10:21 +00:00
Geoff Thorpe	998ae048e7	The bn_set_max() macro is only "used" by the bn_set_[low\|high]() macros which, in turn, are used nowhere at all. This is a good thing because bn_set_max() would currently generate code that wouldn't compile (BIGNUM has no 'max' element). The only apparent use for bn_set_[low\|high] would be for implementing windowing algorithms, and all of openssl's seem to use bn_***_words() helpers instead (including the BN_div() that Nils fixed recently, which had been using independently-coded versions of what these unused macros are intended for). I'm therefore consigning these macros to cvs oblivion in the name of readability.	2003-12-01 22:11:08 +00:00
Geoff Thorpe	e65c2b9872	bn_fix_top() exists for compatibility's sake and is mapped to bn_correct_top() or bn_check_top() depending on debug settings. For internal source, all bn_fix_top()s should be converted one way or the other depending on whether the use of bn_correct_top() is justified. For BN_div_recp(), these cases should not require correction if the other bignum functions are doing their jobs properly, so convert to bn_check_top().	2003-12-01 21:59:40 +00:00
Richard Levitte	2fe9ab8e20	It was pointed out to me that if the requested size is 0, we shouldn't ty to allocate anything at all. This will allow eNULL to still work. PR: 751 Notified by: Lutz Jaenicke	2003-12-01 13:25:37 +00:00
Richard Levitte	1145e03870	Check that OPENSSL_malloc() really returned some memory. PR: 751 Notified by: meder@mcs.anl.gov Reviewed by: Lutz Jaenicke, Richard Levitte	2003-12-01 12:11:55 +00:00
Richard Levitte	6781efb92f	CRYPTO_malloc(), CRYPTO_realloc() and variants of them should return NULL if the give size is 0. This is a thought that came up in PR 751.	2003-12-01 12:06:15 +00:00
Lutz Jänicke	0bf1c1d80d	Some more ASFLAGS settings required PR: #735 Submitted by: Tim Rice <tim@multitalents.net>	2003-12-01 08:12:47 +00:00
Geoff Thorpe	6ed474ca66	Add more debugging to my Configure target, and "make update" to incorporate this and a few other changes.	2003-11-30 23:29:27 +00:00
Geoff Thorpe	46cb8d3689	If BN_STRICT is defined, don't accept an ambiguous representation of zero (ie. where top may be zero, or it may be one if the corresponding word is set to zero). Note, this only affects the macros in bn.h, there are probably similar corrections required in some c files. Also, clarify the audit-related macros at the top of the header. Mental note: I must not forget to clean all this out before 0.9.8 is released ...	2003-11-30 22:23:12 +00:00
Geoff Thorpe	23fc5ac646	Improve a couple of the bignum macros. Note, this doesn't eliminate tolerance of ambiguous zero-representation, it just improves BN_abs_is_word() and simplifies other macros that depend on it.	2003-11-30 22:02:10 +00:00
Geoff Thorpe	5734bebe05	Make BN_DEBUG_RAND less painfully slow by only consuming one byte of pseudo-random data for each bn_pollute().	2003-11-30 21:21:30 +00:00
Geoff Thorpe	657a919598	This improves the placement of check_top() macros in a couple of bn_lib functions.	2003-11-29 20:34:07 +00:00
Richard Levitte	6859bb1a22	Make sure the documentation matches reality. PR: 755 Notified by: Jakub Bogusz <qboosh@pld-linux.org>	2003-11-29 10:33:25 +00:00
Richard Levitte	3822740ce3	We're getting a clash with C++ because it has a type called 'list'. Therefore, change all instances of the symbol 'list' to something else. PR: 758 Submitted by: Frédéric Giudicelli <groups@newpki.org>	2003-11-29 10:25:37 +00:00
Richard Levitte	0d78bc3356	Add IPSec/IKE/Oakley curves. PR: 768 Submitted by: Vadim Fedukovich <vf@unity.net>	2003-11-29 09:25:59 +00:00
Richard Levitte	d87b79bf31	Damnit, I'm sick of having to do something special every time a module that gets built before objects barfs all over the place because it uses a new NID that hasn't had a chance of getting defined yet (in this case, it was about a couple of new EC curves, and therefore a couple of new corresponding NIDs). I'm placing objects first in SDIRS! There.	2003-11-29 09:19:12 +00:00
Richard Levitte	70ef9c5a3d	RSA_size() and DH_size() return the amount of bytes in a key, and we compared it to the amount of bits required... PR: 770 Submitted by: c zhang <czhang2005@hotmail.com>	2003-11-28 23:03:14 +00:00
Richard Levitte	b727907ae8	1024 is the export key bits limit according to current regulations, not 512. PR: 771 Submitted by: c zhang <czhang2005@hotmail.com>	2003-11-28 22:39:19 +00:00
Geoff Thorpe	444c3a8492	Get rid of some signed/unsigned comparison warnings.	2003-11-28 16:39:16 +00:00
Richard Levitte	0b352c58db	Make a number of changes to the OS/2 build. Submitter's comment below. PR: 732 Submitted by: Ilya Zakharevich <nospam-abuse@ilyaz.org> Submitter's comment: This patch: a) Introduces a new file os2/backwardify.pl. b) Introduces a new mk1mf.pl variable $preamble. As you can see, it may be used also to move some OS-specific code to VC-CE too (the the first chunk of the patch); c) The DESCRIPTION specifier of the .def file is made more informative: now it contains the version number too. On OS/2 it is made conformant to OS/2 conventions; in particular, when one runs the standard command BLDLEVEL this.DLL one can see: Vendor: www.openssl.org/ Revision: 0.9.7c Description: OpenSSL: implementation of Secure Socket Layer; DLL for library crypto. Build for EMX -Zmtd [I did not make Win32 descriptions as informative as this - I'm afraid to break something. Be welcome to fix this.] d) On OS/2 the generated DLL was hardly usable (it had a shared initialized data segment). e) On OS/2 the generated DLLs had names like ssl.dll. However, DLL names on OS/2 are "global data". It is hard to have several DLLs with the same name on the system. Thus this precluded coexistence of OpenSSL with DLLs for other SLL implementations - or other name clashes. I transparently changed the names of the DLLs to open_ssl.dll and cryptssl.dll. f) The file added in (a) is used to create "forwarder" DLLs, so the applications expecting the "old" DLL names may use the new DLLs transparently. (A presence of these DLLs on the system nullifies (e), but makes old applications work. This is a stopgap measure until the old applications are relinked. Systems with no old applications do not need these DLLs, so may enjoy all the benefits of (e).) The new DLLs are placed in os2/ and os2/noname subdirectories. g) The makefiles created with os2/OS2-EMX.cmd did not work (some mysterious meaningless failures). The change to util/pl/OS2-EMX.pl uses the variable introduced in (b) to switch the Makefiles to SHELL=sh syntax. All these backslashes are removed, and the generated Makefiles started to work. h) Running os2/OS2-EMX.cmd now prints out what to do next.	2003-11-28 14:51:30 +00:00
Richard Levitte	03ddbdd9b9	Move another common functionality (reproduced so far with cut'n'paste) to apps.c, and give it the hopefully descriptive name parse_yesno().	2003-11-28 14:45:09 +00:00
Richard Levitte	5ebdb39084	Let's use text/plain in the example instead of crapy HTML. PR: 777 Submitted by: Michael Shields <mshields@sunblocksystems.com>	2003-11-28 14:32:31 +00:00
Richard Levitte	d45a098472	Forgot to change the declaration of do_subject() to one of parse_name()...	2003-11-28 14:18:05 +00:00
Richard Levitte	6d5ffb591b	Move do_subject() to apps.c and rename it to parse_name(). The rationale behind the move is that it's use by several applications. The rationale behind the name change is that it describes what the function does a bit better.	2003-11-28 14:07:14 +00:00
Richard Levitte	7ce9e425bc	Allow multi-valued rdns in subjects. This adds the -multivalue-rdn option to 'openssl req' and 'openssl ca'. PR: 779 Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de> Reviewed by: Richard Levitte (there will be some follow-up changes)	2003-11-28 14:04:09 +00:00
Richard Levitte	4d8743f490	Netware-specific changes, PR: 780 Submitted by: Verdon Walker <VWalker@novell.com> Reviewed by: Richard Levitte	2003-11-28 13:10:58 +00:00
Richard Levitte	4c8b4f9d03	Change my debugging entries to do fierce BIGNUM debugging.	2003-11-28 12:54:11 +00:00
Geoff Thorpe	81ba5f6713	Due to recent debugging bursts, openssl should be more or less solid against inconsistent BIGNUMs coming out of any of its API functions. So this change no longer "fixes" the bn_print.c functions, but it makes for cleaner code. This patch was a part of ticket 697. PR: 697 Submitted by: Otto Moerbeek Reviewed by: Geoff Thorpe	2003-11-25 21:07:59 +00:00
Geoff Thorpe	6defae04f3	Fix some handling in bn_word. This also resolves the issues observed in ticket 697 (though uses a different solution than the proposed one). This problem was initially raised by Otto Moerbeek. PR: 697 Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2003-11-25 20:39:19 +00:00
Geoff Thorpe	e1064adfd3	Some changes for bn_gf2m.c: better error checking plus some minor optimizations. Submitted by: Nils Larsch	2003-11-25 03:41:20 +00:00
Lutz Jänicke	d7559f16cd	Free "engine" resource in case of failure to prevent memory leak PR: #778 Submitted by: George Mitchell <george@m5p.com>	2003-11-24 16:48:52 +00:00
Geoff Thorpe	9e989810ba	BN_div() cleanup: replace the use of BN_sub and BN_add with bn_sub_words and bn_add_words to avoid using fake bignums to window other bignums that can lead to corruption. This change allows all bignum tests to pass with BN_DEBUG and BN_DEBUG_RAND debugging and valgrind. NB: This should be tested on a few different architectures and configuration targets, as the bignum code this deals with is quite preprocessor (and assembly) sensitive. Submitted by: Nils Narsch Reviewed by: Geoff Thorpe, Ulf Moeller	2003-11-22 20:23:41 +00:00
Geoff Thorpe	ec2179cf81	Fix a small bug in str_copy: if more than one variable is replaced, make sure the current length is used to calculate the new buffer length instead of using the old length (prior to any variable substitution). Submitted by: Nils Larsch	2003-11-21 21:42:35 +00:00
Dr. Stephen Henson	a8287a90ea	Give CRLDP its standard name. Max req -x509 use V1 if extensions section absent.	2003-11-20 22:45:06 +00:00
Andy Polyakov	ad5f0ed509	hpux64-parisc2-gcc target added. Once it is verified, ./config should be modified to choose it instead of hpux64-parisc-gcc, which should then be removed. hpux64-parisc-cc is removed already now as redundant [in case you wonder, 64-bit HP-UX ABI implies PA-RISC2.0].	2003-11-20 19:10:36 +00:00
Andy Polyakov	0a4c8baf5e	./config failed to correctly detect if gcc uses 64-bit ABI on HP-UX. PR: 772	2003-11-20 18:33:20 +00:00
Lutz Jänicke	95de3d204f	Make sure to initialize AES counters to obtain proper results. Submitted by: Kirill Kochetkov <kochet@ixbt.com> PR: #748	2003-11-18 18:27:12 +00:00
Ulf Möller	31182ad39b	re-enable the test, keeping the original method for RAND_pseudo_bytes which is used by BN_DEBUG_RAND Submitted by: Nils Larsch	2003-11-16 19:33:31 +00:00
Lutz Jänicke	f35232e6f3	Catch error condition to prevent NULL pointer dereference. Submitted by: Goetz Babin-Ebell <babin-ebell@trustcenter.de> PR: #766	2003-11-16 16:30:39 +00:00
Lutz Jänicke	fda5e38551	Provide ASFLAGS in the subdirectories handling assembler code. Submitted by: Tim Rice <tim@multitalents.net> PR: #735, #765	2003-11-16 14:38:34 +00:00
Ulf Möller	ac9c6e10a4	The x9.62 tests replace the PRNG with specific numbers, so don't run them if BN_DEBUG_RAND is defined. Also, fix another small bug. Submitted by: Nils Larsch	2003-11-16 12:24:45 +00:00
Ulf Möller	1a01733047	BN_set_bit() etc should use "unsigned int". Keep it as is to avoid an API change, but check for negativ values. Submitted by: Nils Larsch	2003-11-15 08:37:50 +00:00
Richard Levitte	d2cd46127c	Less restrictive debugging build.	2003-11-14 14:06:40 +00:00
Geoff Thorpe	9dde17e8b4	This rewrites two "for" loops in BN_rshift() - equality with zero is generally a more efficient comparison than comparing two integers, and the first of these two loops was off-by-one (copying one too many values). This change also removes a superfluous assignment that would set an unused word to zero (and potentially allow an overrun in some cases). Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2003-11-13 15:03:14 +00:00
Geoff Thorpe	37af03d311	General improvements to the ec_asn1.c code. This squashes at least one bug (where it was impossible to create an EC certificate with a compressed public key), and has some style improvements based on some comments from Steve Henson about use of the ASN1 macros. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2003-11-10 18:09:18 +00:00
Geoff Thorpe	f7a397cc8d	Avoid possible memory leaks in error-handling. Submitted by: Nils Larsch Reviewed by: Geoff Thorpe	2003-11-10 18:05:22 +00:00
Dr. Stephen Henson	cd2e8a6f2d	Print out GeneralizedTime and UTCTime in ASN1_STRING_print_ex().	2003-11-10 01:37:23 +00:00
Ulf Möller	d18b993c43	Geoff suggested a more succinct description for "top".	2003-11-07 01:33:00 +00:00
Ulf Möller	e6e81c5894	oops... the description of ->top was inaccurate (the example is correct though)	2003-11-07 00:07:28 +00:00
Geoff Thorpe	f75abcefed	This extends the debugging macros to use "pollution" during bn_correct_top(), previously only bn_check_top() did this.	2003-11-06 23:24:44 +00:00
Geoff Thorpe	18f62d4b82	Add debug-screening of input parameters to some functions I'd missed before.	2003-11-06 23:13:04 +00:00
Geoff Thorpe	5c0c22803e	Put more debug screening in BN_div() and correct a comment.	2003-11-06 23:11:07 +00:00
Geoff Thorpe	0ef85c7f45	This is a revert of my previous commit to "improve" the declaration of constant BIGNUMs. It turns out that this trips up different but equally useful compiler warnings to -Wcast-qual, and so wasn't worth the ugliness it created. (Thanks to Ulf for the forehead-slap.)	2003-11-05 19:30:29 +00:00
Ulf Möller	078dd1a0f9	typo in comment	2003-11-05 17:28:59 +00:00
Ulf Möller	2b96c95197	cleanup as discussed with Geoff	2003-11-05 17:28:25 +00:00
Ulf Möller	c5f1c7b4d8	Cygwin debugging	2003-11-05 17:27:13 +00:00
Geoff Thorpe	d870740cd7	Put the first stage of my bignum debugging adventures into CVS. This code is itself experimental, and in addition may cause execution to break on existing openssl "bugs" that previously were harmless or at least invisible.	2003-11-04 22:54:49 +00:00
Geoff Thorpe	d8ec0dcf45	Avoid some shadowed variable names. Submitted by: Nils Larsch	2003-11-04 00:51:32 +00:00
Geoff Thorpe	c465e7941e	This is the least unacceptable way I've found for declaring the bignum data and structures as constant without having to cast away const at any point. There is still plenty of other code that makes gcc's "-Wcast-qual" unhappy, but crypto/bn/ is now ok. Purists are welcome to suggest alternatives.	2003-11-04 00:29:09 +00:00
Richard Levitte	933398f110	Engines are usually binary, and should therefore be in INSTALLTOP rather than OPENSSLDIR.	2003-10-31 10:48:48 +00:00
Richard Levitte	cfd06a6223	Let exit codes propagate from within for loops.	2003-10-31 06:58:24 +00:00
Geoff Thorpe	a9fd78f9da	bn_div() does some pretty nasty things with temporary variables, constructing BIGNUM structures with pointers offset into other bignums (among other things). This corrects some of it that is too plainly insane, and tries to ensure that bignums are normalised when passed to other functions.	2003-10-31 01:35:16 +00:00
Geoff Thorpe	5f747c7f4b	When a BN_CTX is used for temporary workspace, the variables are sometimes left in an inconsistent state when they are released for later reuse. This change resets the BIGNUMs when they are released back to the context.	2003-10-30 01:07:56 +00:00
Geoff Thorpe	c4db1a8b5c	This fixes a couple of cases where an inconsistent BIGNUM could be passed as input to a function.	2003-10-30 01:03:31 +00:00
Geoff Thorpe	f7939fcd9a	make update	2003-10-29 23:25:52 +00:00
Geoff Thorpe	d531c9014d	Tighten up my compiler settings.	2003-10-29 23:25:34 +00:00
Geoff Thorpe	aca95e0b2f	Remove a line that was causing redundant declarations. Obtained from: Stephen Henson <steve@openssl.org>	2003-10-29 22:55:19 +00:00
Geoff Thorpe	bc3c578208	Copy-n-paste bug (don't mix variable declarations and code). This sets the callback structure just before it is needed.	2003-10-29 22:30:45 +00:00
Geoff Thorpe	06e4024d98	Oops, this file already had the "empty source file" workaround but it requires -DPEDANTIC and was hidden at the bottom of the file. This moves it to the top and removes the redundant declaration.	2003-10-29 22:25:04 +00:00
Geoff Thorpe	8087d8f7ea	Make md32_common.h friendlier to compiler warnings. Obtained from: Andy Polyakov <appro@openssl.org>	2003-10-29 20:55:03 +00:00
Geoff Thorpe	31166ec8f3	Some provisional bignum debugging has begun to detect inconsistent BIGNUM structures being passed in to or out of API functions, and this corrects a couple of cases found so far. Also, lop off a couple of bytes of white-space.	2003-10-29 20:47:49 +00:00
Geoff Thorpe	2754597013	A general spring-cleaning (in autumn) to fix up signed/unsigned warnings. I have tried to convert 'len' type variable declarations to unsigned as a means to address these warnings when appropriate, but when in doubt I have used casts in the comparisons instead. The better solution (that would get us all lynched by API users) would be to go through and convert all the function prototypes and structure definitions to use unsigned variables except when signed is necessary. The proliferation of (signed) "int" for strictly non-negative uses is unfortunate.	2003-10-29 20:24:15 +00:00
Geoff Thorpe	2ce90b9b74	BN_CTX is opaque and the static initialiser BN_CTX_init() is not used except internally to the allocator BN_CTX_new(), as such this deprecates the use of BN_CTX_init() in the API. Moreover, the structure definition of BN_CTX is taken out of bn_lcl.h and moved into bn_ctx.c itself. NDEBUG should probably only be "forced" in the top-level configuration, but until it is I will avoid removing it from bn_ctx.c which might surprise people with massive slow-downs in their keygens. So I've left it in bn_ctx.c but tidied up the preprocessor logic a touch and made it more tolerant of debugging efforts.	2003-10-29 18:04:37 +00:00
Richard Levitte	4e952ae4fc	Removing those memcpy()s also took away the possibility for in and out to be the same. Therefore, the removed memcpy()s need to be restored.	2003-10-29 06:21:22 +00:00
Geoff Thorpe	db59141467	remove accidentally committed debugging cruft.	2003-10-29 05:35:31 +00:00
Geoff Thorpe	8a66d17899	Remove an unnecessary cast that causes certain compilers (eg. mine) some confusion. Also silence a couple of signed/unsigned warnings.	2003-10-29 05:00:57 +00:00
Geoff Thorpe	2eeaa0261e	Remove redundant declaration.	2003-10-29 04:58:23 +00:00
Geoff Thorpe	8dc344ccbf	Relax some over-zealous constification that gave some lhash-based code no choice but to have to cast away "const" qualifiers from their prototypes. This does not remove constification restrictions from hash/compare callbacks, but allows destructor commands to be run over a tables' elements without bad casts.	2003-10-29 04:57:05 +00:00
Geoff Thorpe	6bcd3f903a	Comments out some unimplemented functions instead of redeclaring them.	2003-10-29 04:42:29 +00:00
Geoff Thorpe	40f935f5b4	Avoid "empty source file" warnings.	2003-10-29 04:41:19 +00:00
Geoff Thorpe	0991f07034	For whatever reason (compiler or header bugs), at least one commonly-used linux system (namely mine) chokes on our definitions and uses of the "HZ" symbol in crypto/tmdiff.[ch] and apps/speed.c as a "bad function cast" (when in fact there is no function casting involved at all). In both cases, it is easily worked around by not defining a cast into the macro and jiggling the expressions slightly. In addition - this highlights some cruft in openssl that needs sorting out. The tmdiff.h header is exported as part of the openssl API despite the fact that it is ugly as the driven sludge and not used anywhere in the library, applications, or utilities. More weird still, almost identical code exists in apps/speed.c though it looks to be slightly tweaked - so either tmdiff should be updated and used by speed.c, or it should be dumped because it's obviously not useful enough. Rather than removing it for now, I've changed the API for tmdiff to at least make sense. This involves taking the object type (MS_TM) from the implementation and using it in the header rather than using "char " in the API and casting mercilessly in the code (ugh). If someone doesn't like "MS_TM" and the "ms_time_**" naming, by all means change it. This should be a harmless improvement, because the existing API is clearly not very useful (eg. we reimplement it rather than using it in our own utils). However, someone still needs to take a hack at consolidating speed.c and tmdiff.[ch] somehow.	2003-10-29 04:40:13 +00:00
Geoff Thorpe	2aaec9cced	Update any code that was using deprecated functions so that everything builds and links with OPENSSL_NO_DEPRECATED defined.	2003-10-29 04:14:08 +00:00
Geoff Thorpe	9d473aa2e4	When OPENSSL_NO_DEPRECATED is defined, deprecated functions are (or should be) precompiled out in the API headers. This change is to ensure that if it is defined when compiling openssl, the deprecated functions aren't implemented either.	2003-10-29 04:06:50 +00:00
Geoff Thorpe	6145b0b183	The "cryptodev" engine preprocessor logic used undefined symbols in comparisons. It's better not to allow this, because it gives false positives when using compiler warnings that detect mistyped symbols.	2003-10-29 04:00:14 +00:00
Geoff Thorpe	2a85f77146	Add my own debug config target.	2003-10-28 22:57:18 +00:00
Geoff Thorpe	66b82f5aad	make update	2003-10-28 22:10:47 +00:00
Geoff Thorpe	12bdceac8a	Ignore derived file.	2003-10-28 17:26:46 +00:00
Geoff Thorpe	aea293e3bc	crypto/evp/evptests.txt is copied to tests/ rather than symlinked because of windows (see checkin 1.75 of crypto/evp/Makefile.ssl), so quiet cvs noise for the copied version.	2003-10-28 17:24:29 +00:00
Geoff Thorpe	8ad7e3ad2a	Remove duplicate prototypes have already been (correctly) added to rsa.h, as this is already included by x509.h anyway.	2003-10-24 16:17:11 +00:00
Richard Levitte	0b6956b474	Correct serious bug in AES-CBC decryption when the message length isn't a multiple of AES_BLOCK_SIZE. Optimize decryption of all complete blocks in AES-CBC by removing an unnecessary memcpy(). The error was notified by James Fernandes <jf210032@exchange.DAYTONOH.NCR.com>. The unnecessary memcpy() was found as an effect of investigating that error.	2003-10-15 09:00:14 +00:00
Richard Levitte	0bb6187e71	The object file is o_str.o, not o_str.c. Thanks to Peter Sylvester <Peter.Sylvester@EdelWeb.fr> for the notification.	2003-10-13 11:34:40 +00:00
Dr. Stephen Henson	c5a5546389	Add support for digested data PKCS#7 type.	2003-10-11 22:11:45 +00:00
Dr. Stephen Henson	77fe058c10	Simplify cipher and digest lookup in PKCS#7 code.	2003-10-11 16:46:40 +00:00
Dr. Stephen Henson	8d9086dfa2	New function to initialize a PKCS7 structure of type other.	2003-10-10 23:40:47 +00:00
Dr. Stephen Henson	0602abf5bd	Initialize digested data type in PKCS7_set_type().	2003-10-10 23:31:53 +00:00
Dr. Stephen Henson	caf044cb3e	Retrieve correct content to sign when the type is "other".	2003-10-10 23:25:43 +00:00
Dr. Stephen Henson	a08ced78c8	Avoid warnings: add missing prototype, don't shadow.	2003-10-10 23:07:24 +00:00
Richard Levitte	83eb412da8	In realloc, don't destroy the old memory area if a new one couldn't be allocated. Notified by Daniel Lucq <daniel@lucq.org>	2003-10-07 12:09:39 +00:00
Richard Levitte	4d1c443123	make update	2003-10-06 12:22:42 +00:00
Richard Levitte	f44e184ec6	s_client should inform the user of any compression/expansion methods used.	2003-10-06 12:19:38 +00:00
Richard Levitte	377dcdba44	Add functionality to get information on compression methods (not quite complete).	2003-10-06 12:18:39 +00:00
Richard Levitte	8242354952	Make sure int SSL_COMP_add_compression_method() checks if a certain compression identity is already present among the registered compression methods, and if so, reject the addition request. Declare SSL_COMP_get_compression_method() so it can be used properly. Change ssltest.c so it checks what compression methods are available and enumerates them. As a side-effect, built-in compression methods will be automagically loaded that way. Additionally, change the identities for ZLIB and RLE to be conformant to draft-ietf-tls-compression-05.txt. Finally, make update. Next on my list: have the built-in compression methods added "automatically" instead of requiring that the author call SSL_COMP_add_compression_method() or SSL_COMP_get_compression_methods().	2003-10-06 11:00:15 +00:00
Richard Levitte	c40b9bdefb	Setting the ex_data index is unsafe in a threaded environment, so let's wrap it with a lock.	2003-10-06 09:09:44 +00:00
Richard Levitte	6895cca89d	Remove unused code, don't use zlib functions that are really macros and provide missing prototypes.	2003-10-04 09:09:19 +00:00
Richard Levitte	f82ab534c6	Check for errors from SSL_COMP_add_compression_method(). Notified by Andrew Marlow <AMARLOW1@bloomberg.net>	2003-10-02 10:41:48 +00:00
Richard Levitte	f6e8c19ed1	Correct a mixup of return values	2003-10-02 10:38:44 +00:00
Richard Levitte	cf89b40584	Include e_os.h to get a proper definition of memmove on the platforms that do not have it.	2003-10-01 20:43:03 +00:00
Richard Levitte	c076599c18	Corrected misplacement of one of the greps...	2003-10-01 15:06:36 +00:00
Richard Levitte	4d8148fa98	Remove leading and trailing spaces and tabs	2003-10-01 15:04:13 +00:00
Richard Levitte	aed29ce5ea	Avoid 'file names' with spaces	2003-10-01 15:03:15 +00:00
Richard Levitte	9ad82c123a	Use correct case for manual page references	2003-10-01 15:02:45 +00:00
Richard Levitte	eeff6bb6b3	Correct incorrect mode bits change.	2003-09-30 17:31:48 +00:00
Richard Levitte	d90e74c50c	Correct buggy PODs (missing commas and a prepended space).	2003-09-30 17:22:19 +00:00
Dr. Stephen Henson	2990244980	ASN1 parse fix and release file changes.	2003-09-30 16:47:33 +00:00
Richard Levitte	c798868d96	Further VxWorks changes from Bob Bradley <bob@chaoticsoftware.com>, this time involving VxWorks on MIPS	2003-09-28 14:06:57 +00:00
Richard Levitte	057a04398d	Synchronise util/libeay.num with the 0.9.7-stable one. make update	2003-09-28 09:34:50 +00:00
Richard Levitte	7f3ba9428f	Uhmm, It seem to have forgotten one file when I committed the MSDOS change yesterday. PR: 669	2003-09-28 07:11:33 +00:00
Richard Levitte	3c02e24bb3	Change the indentation from 12 to indent+4. PR: 657	2003-09-27 22:48:33 +00:00
Richard Levitte	1be02dd842	Make MD5 assembler code able to handle messages larger than 2GB on 32-bit systems and above. PR: 664	2003-09-27 22:14:39 +00:00
Richard Levitte	3d7c4a5a6d	Selected changes for MSDOS, contributed by Gisle Vanem <giva@bgnett.no>. PR: 669	2003-09-27 21:56:08 +00:00
Richard Levitte	11171f3c74	Add reference counting around the thread state hash table. Unfortunately, this means that the dynamic ENGINE version just went up, and isn't backward compatible. PR: 678	2003-09-27 20:29:05 +00:00
Dr. Stephen Henson	0b6df67fb1	file fips_dsa_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:16 +0000	2003-09-27 20:07:15 +00:00
Richard Levitte	ba9f80c5d5	Have ssl3_ssl3_send_client_verify() change the state to SSL3_ST_SW_CERT_VRFY_B. PR: 679	2003-09-27 19:32:06 +00:00
Richard Levitte	e59659dc41	Have ssl3_send_certificate_request() change the state to SSL3_ST_SW_CERT_REQ_B. PR: 680	2003-09-27 19:27:06 +00:00
Richard Levitte	253e893c2b	Include the instance in the Kerberos ticket information. In s_server, print the received Kerberos information. PR: 693	2003-09-27 17:55:13 +00:00
Dr. Stephen Henson	bf087e1ea1	file fips_rsa_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2003-09-27 15:54:41 +00:00
Richard Levitte	0ad2c4f85b	Correct small documentation error. PR: 698	2003-09-27 10:39:16 +00:00
Richard Levitte	0e6c20da46	Free the Kerberos context upon freeing the SSL. Contributed by Andrew Mann <amann@tccgi.com>	2003-09-27 07:35:07 +00:00
Richard Levitte	f6b659cba4	Add necessary changes to be able to build on VxWorks for PPC860. Contributed by Bob Bradley <bob@chaoticsoftware.com>	2003-09-27 07:34:49 +00:00
Ralf S. Engelschall	6bd27f8644	Fix prime generation loop in crypto/bn/bn_prime.pl by making sure the loop does correctly stop and breaking ("division by zero") modulus operations are not performed. The (pre-generated) prime table crypto/bn/bn_prime.h was already correct, but it could not be re-generated on some platforms because of the "division by zero" situation in the script.	2003-09-25 13:57:58 +00:00
Dr. Stephen Henson	dfe399e7d9	Add -passin support to rsautl	2003-09-21 02:20:02 +00:00
Dr. Stephen Henson	7068c8b1a6	In order to get the expected self signed error when calling X509_verify_cert() in x509.c the cert should not be added to the trusted store.	2003-09-21 02:18:15 +00:00
Dr. Stephen Henson	885818fb7c	file fips_locl.h was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2003-09-14 13:01:52 +00:00
Dr. Stephen Henson	2f370048cb	file testfipsssl was added on branch OpenSSL_0_9_8-stable on 2008-09-17 16:27:50 +0000	2003-09-13 17:03:56 +00:00
Dr. Stephen Henson	28dc02a9d8	file fips_rsa_gen.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2003-09-11 21:36:59 +00:00
Dr. Stephen Henson	54ebaca535	file fips_rsa_eay.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:21 +0000	2003-09-11 21:36:57 +00:00
Dr. Stephen Henson	82384690e2	Typos.	2003-09-09 23:44:39 +00:00
Richard Levitte	e6fa67fa93	Generalise the definition of strcasecmp() and strncasecmp() for platforms that don't (necessarely) have it. In the case of VMS, this means moving a couple of functions from apps/ to crypto/ and make them general (although only used privately).	2003-09-09 14:48:36 +00:00
Geoff Thorpe	9ea72d3705	These should be write-locks, not read-locks.	2003-09-08 15:47:55 +00:00
Dr. Stephen Henson	4fedc91a4a	file openssl_fips_fingerprint was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:10 +0000	2003-09-07 11:13:52 +00:00
Dr. Stephen Henson	f734aaa413	file fips_des_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:13 +0000	2003-09-04 16:46:43 +00:00
Dr. Stephen Henson	a575d4b9ee	file fips_aes_selftest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:12 +0000	2003-09-04 16:46:40 +00:00
Bodo Möller	a907751350	certain changes have to be listed twice in this file because OpenSSL 0.9.6h forked into 0.9.6i and 0.9.7 ...	2003-09-04 12:52:56 +00:00
Dr. Stephen Henson	560dfd2a02	New -ignore_err option in ocsp application to stop the server exiting on the first error in a request.	2003-09-03 23:56:01 +00:00
Dr. Stephen Henson	14f3d7c5cc	Only accept a client certificate if the server requests one, as required by SSL/TLS specs.	2003-09-03 23:47:34 +00:00
Dr. Stephen Henson	77a87ded3a	file fips_dsa_gen.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:15 +0000	2003-09-03 14:11:31 +00:00
Dr. Stephen Henson	b958d2c298	file fips_dssvs.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:16 +0000	2003-09-03 14:11:29 +00:00
Dr. Stephen Henson	510dc1ecd0	outlen should be int * in out_utf8.	2003-08-21 12:32:12 +00:00
Bodo Möller	563c05e2dc	fix out-of-bounds check in lock_dbg_cb (was too lose to detect all invalid cases) PR: 674	2003-08-14 10:33:56 +00:00
Bodo Möller	643ecd2ed6	make sure no error is left in the queue that is intentionally ignored	2003-08-11 18:56:22 +00:00
Richard Levitte	88401ed449	Correct two problems, found by Martin Kochanski <cardbox@easynet.co.uk>: 1. CreateToolhelp32Snapshot returns INVALID_HANDLE_VALUE, not NULL, on error. 2. On Windows CE, a snapshot handle is closed with CloseToolhelp32Snapshot, not CloseHandle.	2003-08-07 11:57:42 +00:00
Bodo Möller	3aa8d3a7f1	add OpenSSL license fix typo	2003-08-06 10:36:25 +00:00
Richard Levitte	5b6e7c8c65	Inclusion of openssl/engine.h should always be wrapped with a check that OPENSSL_NO_ENGINE is not defined.	2003-08-04 10:12:36 +00:00
Dr. Stephen Henson	dc72a195c2	file fips_desmovs.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:13 +0000	2003-07-30 18:30:14 +00:00
Dr. Stephen Henson	e2812ff61f	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:13 +0000	2003-07-30 18:30:12 +00:00
Dr. Stephen Henson	8c2e34e27f	file fips_randtest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2003-07-27 17:00:49 +00:00
Dr. Stephen Henson	31f3950fbf	file fips_rand.h was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2003-07-27 17:00:47 +00:00
Dr. Stephen Henson	75b3654d18	file fips_rand.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2003-07-27 17:00:45 +00:00
Dr. Stephen Henson	418f9ac5e3	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:18 +0000	2003-07-27 17:00:43 +00:00
Dr. Stephen Henson	ad4afe4edf	file fips_dsa_ossl.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:15 +0000	2003-07-27 17:00:41 +00:00
Dr. Stephen Henson	c844b971cb	file fips_dsatest.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:16 +0000	2003-07-27 17:00:39 +00:00
Dr. Stephen Henson	ca9b1c47af	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:15 +0000	2003-07-27 17:00:37 +00:00
Dr. Stephen Henson	86039d2751	file fips_aesavs.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:12 +0000	2003-07-27 17:00:35 +00:00
Dr. Stephen Henson	420a692f04	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:12 +0000	2003-07-27 17:00:33 +00:00
Dr. Stephen Henson	1d2a464fe0	file fips.h was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:09 +0000	2003-07-27 17:00:31 +00:00
Dr. Stephen Henson	7735dd0750	file fips.c was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:09 +0000	2003-07-27 17:00:29 +00:00
Dr. Stephen Henson	bf7b075f0c	file .cvsignore was added on branch OpenSSL_0_9_8-stable on 2008-09-16 10:12:09 +0000	2003-07-27 17:00:27 +00:00
Dr. Stephen Henson	f96d1af449	Avoid clashes with Win32 names in WinCrypt.h	2003-07-23 00:10:43 +00:00
Bodo Möller	968766cad8	updates for draft-ietf-tls-ecc-03.txt Submitted by: Douglas Stebila Reviewed by: Bodo Moeller	2003-07-22 12:34:21 +00:00
Bodo Möller	652ae06bad	add test for secp160r1 add code for kP+lQ timings Submitted by: Douglas Stebila <douglas.stebila@sun.com> Reviewed by: Bodo Moeller	2003-07-22 10:39:10 +00:00
Bodo Möller	ddc38679ce	tolerate extra data at end of client hello for SSL 3.0 PR: 659	2003-07-21 15:17:46 +00:00
Bodo Möller	02e0559477	fix: 0.9.7 is based on 0.9.6h, not on 0.9.6k typo in 0.9.6k section	2003-07-21 15:08:01 +00:00
Bodo Möller	ada0e717fa	new function EC_GROUP_cmp() (used by EVP_PKEY_cmp()) Submitted by: Nils Larsch	2003-07-21 13:43:28 +00:00
Bodo Möller	2c789c82be	manpages for 'openssl ec' and 'openssl ecparam' Submitted by: Nils Larsch	2003-07-21 13:40:02 +00:00
Richard Levitte	d143dce03c	A document that has a very rough description of the X509 functionality. This is mostly so there's a way to get from the crypto.html page to the function descriptions.	2003-07-10 08:49:03 +00:00
Richard Levitte	f9d183c209	Replace CCITT with ITU-T. Keep CCITT around as an alias. make update PR: 80	2003-07-04 15:45:04 +00:00
Richard Levitte	182cd19dea	Make sure openssl.pc is readable by everyone. PR: 654	2003-07-04 11:41:13 +00:00
Richard Levitte	61f00386ab	The counter is big-endian. Since it comes as an array of char, there's absolutely no need to special-case it on little-endian machines. Notified by Thierry Boivin <Thierry.Boivin@celsecat.com>	2003-07-04 11:37:50 +00:00
Richard Levitte	2ae0352b0f	Oops, I forgot to replace 'counter' with 'ivec' when used...	2003-07-03 20:50:44 +00:00
Richard Levitte	94805c84d1	Add -issuer_hash and make -subject_hash the default way to get the subject hash, with -hash a synonym kept around for backward compatibility reasons. PR: 650	2003-07-03 20:45:09 +00:00
Richard Levitte	6f2f534b58	The convenience argumetn for -nameopt and -certopt is ca_default, not default_ca. PR: 653	2003-07-03 07:46:52 +00:00
Richard Levitte	da6c44fc97	The 'counter' is really the IV.	2003-07-03 06:42:43 +00:00
Richard Levitte	da0d33560f	Change AES-CTR to increment the IV by 1 instead of 2^64.	2003-07-03 06:41:30 +00:00
Lutz Jänicke	9d19fbc4fc	Clarify wording of verify_callback() behaviour.	2003-06-26 14:03:03 +00:00
Richard Levitte	aa5ae4841e	Only remove old files if they exist. [Maing32]. Notified by Michael Gerdau <mgd@technosis.de>	2003-06-26 11:58:02 +00:00
Richard Levitte	eb3d68c454	Nils Larsch told me I could remove that variable entirely.	2003-06-26 11:52:23 +00:00
Richard Levitte	c89f31def0	make update	2003-06-26 10:27:11 +00:00
Richard Levitte	ed5fae580e	Implement missing functions. Have the f parameter to _ctrl functions have the prototype ()(void) rather than ()(), for the sake of C++ compilers. Disable unimplemented functionality.	2003-06-26 10:26:42 +00:00
Richard Levitte	d55141ed7a	"Remove" unused variable	2003-06-26 10:23:00 +00:00
Richard Levitte	a99ce1a574	Conform with the standard prototype for engine control functions.	2003-06-26 07:10:10 +00:00
Richard Levitte	c687a3d5d5	Scan through the engines directory as well.	2003-06-26 07:05:19 +00:00
Richard Levitte	dfc3151925	The definition of dynamic_ctrl() should change along with the declaration :-).	2003-06-26 07:03:49 +00:00
Bodo Möller	0fbffe7a71	implement PKCS #8 / SEC1 private key format for ECC Submitted by: Nils Larsch	2003-06-25 21:35:05 +00:00
Dr. Stephen Henson	037f6e73f1	Return EOF when an S/MIME part have been read.	2003-06-24 17:11:44 +00:00
Richard Levitte	cf82439de8	Make sure the compiler knows we run with pedantic settings.	2003-06-20 00:57:18 +00:00
Richard Levitte	37fcd48f86	make update	2003-06-19 23:00:50 +00:00
Richard Levitte	cf9a88cad7	Document the last change. PR: 587	2003-06-19 19:04:13 +00:00
Richard Levitte	4f1cd8324c	Prepare for changes in the 0.9.6 branch	2003-06-19 19:01:05 +00:00
Richard Levitte	ed7f1d0bc6	Prepare for changes in the 0.9.6 branch	2003-06-19 18:59:27 +00:00
Richard Levitte	f6b9cd7f82	We set the export flag for 512 bit keys, not 512 byte ones. PR: 587	2003-06-19 18:55:50 +00:00
Richard Levitte	8fbb2af392	Add documentation for the new crlnumber configuration option.	2003-06-19 17:52:57 +00:00
Richard Levitte	c5aba56c5b	Typo.	2003-06-19 17:50:37 +00:00
Richard Levitte	fd4ef69913	Implement CRL numbers. Contributed in whole by Laurent Genier <Laurent.Genier@intrinsec.com> PR: 644	2003-06-19 17:40:16 +00:00
Richard Levitte	834ac33a37	dynamic_ctrl() didn't have exactly the same prototype as defined by ENGINE_CTRL_FUNC_PTR.	2003-06-19 16:57:38 +00:00
Richard Levitte	4e9023f4d2	Unsigned vs. signed fixed.	2003-06-19 16:56:48 +00:00
Richard Levitte	d3a28e8b8d	EXIT() should mainly be exit(n), not return(n). OPENSSL_EXIT() will take care of returning if necessary.	2003-06-19 16:56:19 +00:00
Richard Levitte	0bd71d3b7e	Add the application data type to the README.	2003-06-18 07:14:52 +00:00
Richard Levitte	d97322f0e6	Missing string and potential memory leaks. Notified by Goetz Babin-Ebell <goetz@shomitefo.de>	2003-06-18 07:12:28 +00:00
Richard Levitte	b52d512dfa	Slightly better check of attributes. Now, mem_list_next can actually stop when the searched for key doesn't have it's attributes within the range of the checked key.	2003-06-12 21:32:54 +00:00
Richard Levitte	a3a2ff4cd9	Beautify	2003-06-12 18:13:27 +00:00
Richard Levitte	5a1fd87ec1	Typo. PR: 584	2003-06-12 01:04:05 +00:00
Richard Levitte	8645c415cf	Do not try to use non-existent gmtime_r() on SunOS4. PR: 585	2003-06-12 00:57:25 +00:00
Richard Levitte	700d86ea18	Make sure ssize_t is defined on SunOS4. PR: 585	2003-06-12 00:56:27 +00:00
Richard Levitte	54bbde3c3f	Make sure DSO-dlfcn works properly on SunOS4. PR: 585	2003-06-12 00:51:54 +00:00
Richard Levitte	c14b337570	Typo. PR: 593	2003-06-11 22:45:53 +00:00
Richard Levitte	e666c4599f	Add the possibility to have symbols loaded globally with DSO.	2003-06-11 22:42:28 +00:00
Richard Levitte	98cec7fc7b	make update	2003-06-11 22:27:19 +00:00
Richard Levitte	fadd2246a0	Avoid warnings saying that the format takes a void*.	2003-06-11 22:26:02 +00:00
Richard Levitte	c78b4f1d3d	Remove unused variable	2003-06-11 21:47:21 +00:00
Richard Levitte	33862b90bb	Add an entry for X509_TRUST_OBJECT_SIGN in trstandard[]. PR: 617	2003-06-11 21:22:30 +00:00
Richard Levitte	36bad5cdfd	Add documentation for ERR_set_mark() and ERR_pop_to_mark().	2003-06-11 20:51:49 +00:00
Richard Levitte	54f6451670	Add functionality to set marks on the error stack and to pop all errors to the next mark.	2003-06-11 20:49:58 +00:00
Richard Levitte	490967195a	Handle des_modes.pod properly. PR: 634	2003-06-11 19:44:37 +00:00
Richard Levitte	606c8048a0	Make sure to NUL-terminate the string on end-of-file (and error) PR: 643	2003-06-11 18:43:45 +00:00
Richard Levitte	e66d863cd0	Add crypto/store to the directories to look through.	2003-06-11 04:46:08 +00:00
Richard Levitte	a069460015	Document the AES_cbc_encrypt() change	2003-06-10 04:42:38 +00:00
Richard Levitte	55b12f8641	The output from AES_cbc_encrypt() should be exact multiple blocks when encrypting	2003-06-10 04:11:42 +00:00
Richard Levitte	40e5b9abeb	Typo	2003-06-09 07:56:18 +00:00
Geoff Thorpe	dcfb57c736	This memset() in the ubsec ENGINE is a bug. Zeroing out the result array should not be necessary in any case, but more importantly the result and input BIGNUMs could be the same, in which case this is clearly a problem. Submitted by: Jonathan Hersch Reviewed by: Joe Orton Approved by: Geoff Thorpe	2003-06-06 17:51:34 +00:00
Richard Levitte	2ee67f1dad	Make sure the sigaction structure and fileno function are properly declared with an ANSI compiler on Solaris (and possibly others).	2003-06-04 09:13:19 +00:00
Richard Levitte	4af3184662	Remove extra ;	2003-06-04 09:11:44 +00:00
Richard Levitte	e31047744a	Make sure the function definitions match their declaration.	2003-06-04 09:11:15 +00:00
Richard Levitte	f6eba601b0	Make sure that size_t matches size_t.	2003-06-04 09:10:43 +00:00
Richard Levitte	f796dc5c06	Make sure debug-solaris-sparcv9-gcc is consistent with solaris-sparcv9-gcc.	2003-06-04 09:10:11 +00:00
Dr. Stephen Henson	50078051bd	Really get X509_CRL_CHECK_ALL right this time...	2003-06-04 00:40:05 +00:00
Lutz Jänicke	db01746978	Clarify return value of SSL_connect() and SSL_accept() in case of the WANT_READ and WANT_WRITE conditions.	2003-06-03 09:59:44 +00:00
Dr. Stephen Henson	63b815583b	Update CHANGES to reflect base64 fix added to 0.9.7	2003-06-03 00:16:47 +00:00
Dr. Stephen Henson	ca82ac1fee	Only count 'LF' as EOL in pk7_mime.c, this avoids incorrect results if CR+LF straddles the line buffer.	2003-06-02 17:53:42 +00:00
Dr. Stephen Henson	aff0542844	Stop checking for CRLF when start of buffer is reached. Add rest of long line fix which got missed before	2003-06-02 01:12:01 +00:00
Dr. Stephen Henson	beab098d53	Various S/MIME bug and compatibility fixes.	2003-06-01 20:51:58 +00:00
Lutz Jänicke	02b95b7499	Clarify ordering of certificates when using certificate chains	2003-05-30 07:45:07 +00:00
Richard Levitte	c4d471552f	Include openssl/e_os.h so OPENSSL_SYSNAME_ULTRASPARC and other configuration macros get properly defined.	2003-05-29 22:22:30 +00:00
Richard Levitte	01fc834bc9	Have ASFLAGS be defined the same way as CFLAGS	2003-05-29 22:20:47 +00:00
Richard Levitte	f7f8d82aaa	PR: 630 Avoid looking outside the key_data array.	2003-05-29 20:59:38 +00:00
Lutz Jänicke	4f17dfcd75	Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before) Submitted by: dg@sunet.ru (Daniel Ginsburg) PR: #613	2003-05-28 20:24:57 +00:00
Lutz Jänicke	83b4f49c0a	Move header file inclusion to prevent irritation of users forgetting to call "make depend" after enabling or disabling ciphers... Submitted by: Tal Mozes <talm@cyber-ark.com> PR: #628	2003-05-28 19:56:46 +00:00
Dr. Stephen Henson	60790aff6f	PR: 627 Allocate certificatePolicies correctly if CPS field is absent. Fix various memory leaks in certificatePolicies.	2003-05-28 17:28:11 +00:00
Dr. Stephen Henson	e19d0ef068	PR: 631 Submitted by: Doug Sauder <dws+001@hunnysoft.com> Fix bug in X509V3_get_d2i() when idx in not NULL.	2003-05-28 16:57:08 +00:00
Richard Levitte	f5f7dffdd1	Make sure to compare unsigned against unsigned.	2003-05-28 10:34:29 +00:00
Richard Levitte	edd55d08f5	Brackets are now allowed, after a small hack in the processing of the docs-on-web.	2003-05-23 09:08:59 +00:00
Richard Levitte	83743ad039	Fix sign bugs. PR: 621	2003-05-21 14:29:13 +00:00
Richard Levitte	163f5b236c	Correct signedness	2003-05-21 14:21:26 +00:00
Richard Levitte	513c01a591	Make sure EC_window_bits_for_scalar_size() returns a size_t	2003-05-21 08:40:06 +00:00
Richard Levitte	d9a2a89a17	I have no idea how I cut away that piece of text...	2003-05-21 06:50:51 +00:00
Richard Levitte	31939f1544	I don't remember what my thinking was with str_compat.h. Maybe it'll come back to me...	2003-05-20 09:00:59 +00:00
Richard Levitte	11ce33a71d	make update	2003-05-20 08:59:37 +00:00
Richard Levitte	9acef3bbd7	Misspelled functions.	2003-05-20 08:50:18 +00:00
Richard Levitte	164bc7dae8	Some misspelled function names.	2003-05-20 08:49:12 +00:00
Richard Levitte	f59c941950	Make the function STORE_new_engine() public.	2003-05-19 23:06:09 +00:00
Richard Levitte	0239876511	Remove certain functions	2003-05-19 23:03:43 +00:00
Dr. Stephen Henson	93c929e411	The square brackets in BIO_s_bio.pod for some reason cause wml to bomb out with the error message: Slice:Error: Some slices were not closed: WML:Break: Error in Pass 9 (rc=1). ** WMK:Error: Error in WML (rc=256) As a workaround delete them for now.	2003-05-19 21:28:49 +00:00
Dr. Stephen Henson	c2dac35a02	Fix docs.	2003-05-18 23:10:46 +00:00
Dr. Stephen Henson	727ef76ebd	Add correct DN entry for serialNumber.	2003-05-07 23:20:58 +00:00
Richard Levitte	bca52f7d4e	Define the two authentication parameter types for passphrase and Kerberos 5 authentications.	2003-05-07 21:17:30 +00:00
Richard Levitte	48c36fdb2a	Add the possibility to hand execution parameters (for example authentication material) to the STORE functions. Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.	2003-05-07 21:06:15 +00:00
Richard Levitte	9b2042fac3	/usr/lib/pkgconfig/openssl.pc was never installed in the RPM. Notified by Bennett Todd <bet@rahul.net>.	2003-05-07 12:02:31 +00:00
Richard Levitte	816d785721	DO NOT constify RSA* in RSA_sign() and RSA_verify(), since there are function called downstream that need it to be non-const. The fact that the RSA_METHOD functions take the RSA* as a const doesn't matter, it just expresses that they won't touch it. PR: 602	2003-05-07 11:38:10 +00:00
Richard Levitte	742b139f54	Add the possibility to store arbitrary data in a STORE. Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.	2003-05-06 08:02:14 +00:00
Richard Levitte	3b30121bd9	Constify RSA_sign() and RSA_verify(). PR: 602	2003-05-05 13:55:18 +00:00
Richard Levitte	9ee789e6c3	Yeah, right, an object file ending with .c, that'll work!	2003-05-03 06:58:08 +00:00
Dr. Stephen Henson	b9d2d20086	Make DER option work again. Fix typo.	2003-05-02 11:41:40 +00:00
Richard Levitte	b9d7ca9748	It's usually best if the function name matches everywhere...	2003-05-02 07:25:54 +00:00
Richard Levitte	5b194dfbd5	STORE was created 2003, darnit!	2003-05-01 20:44:20 +00:00
Richard Levitte	7f6af7d9db	Get the year right...	2003-05-01 20:15:35 +00:00
Richard Levitte	42b2b6a2d5	Provide some extra comments about the STORE_Memory STORE method.	2003-05-01 04:31:12 +00:00
Richard Levitte	d1465bac90	make update	2003-05-01 04:10:32 +00:00
Richard Levitte	3bbb0212f3	Add STORE support in ENGINE.	2003-05-01 03:57:46 +00:00
Richard Levitte	a5db6fa576	Define a STORE type. For documentation, read the entry in CHANGES, crypto/store/README, crypto/store/store.h and crypto/store/str_locl.h.	2003-05-01 03:53:12 +00:00
Richard Levitte	9236b5b013	Define a STORE lock (the STORE type will be committed later).	2003-05-01 03:46:10 +00:00
Richard Levitte	535fba4907	Define the OPENSSL_ITEM structure.	2003-05-01 03:45:18 +00:00
Richard Levitte	7e4140f73f	make update	2003-04-29 22:24:17 +00:00
Richard Levitte	1ae0a83bdd	Add BUF_strndup() and BUF_memdup(). Not currently used, but I've code that uses them that I'll commit in a few days.	2003-04-29 22:08:57 +00:00
Richard Levitte	7ae46c6761	make update	2003-04-29 21:35:28 +00:00
Richard Levitte	d584fd6b66	Include objects.h to get a correct declaration of OBJ_bsearch_ex(), not to mention the OBJ_BSEARCH_* macros.	2003-04-29 20:46:32 +00:00
Richard Levitte	54dbdd9837	Some variables were uninitialised...	2003-04-29 20:45:36 +00:00
Richard Levitte	9d6c32d6d1	Correct documentation. sk_find_ex() doesn't return a pointer, it returns an index.	2003-04-29 20:31:58 +00:00
Richard Levitte	26851b6b42	Add an extended variant of sk_find() which returns a non-NULL pointer even if an exact match wasn't found.	2003-04-29 20:30:55 +00:00
Richard Levitte	ea5240a5ed	Add an extended variant of OBJ_bsearch() that can be given a few flags.	2003-04-29 20:25:21 +00:00
Bodo Möller	eec7968f18	fix typo Submitted by: Nils Larsch	2003-04-22 08:29:21 +00:00
Richard Levitte	1cc087fe4f	Make it possible to affect the extension of man pages. PR: 578	2003-04-21 22:00:36 +00:00
Richard Levitte	040c687ce4	Memory leak fix: RSA_blinding_on() didn't free Ai under certain circumstances. Memory leak fix: RSA_blinding_on() would leave a dangling pointer in rsa->blinding under certain circumstances. Double definition fix: RSA_FLAG_NO_BLINDING was defined twice.	2003-04-16 06:25:21 +00:00
Richard Levitte	cd1226bc6a	Memory leak fix: local blinding structure not freed in rsa_eay_private_decrypt()	2003-04-15 13:01:37 +00:00
Bodo Möller	7a04fdd87f	include 'Changes between 0.9.6i and 0.9.6j'	2003-04-11 15:03:12 +00:00
Richard Levitte	138f970e6e	Add the 0.9.6j news.	2003-04-10 20:38:24 +00:00
Richard Levitte	1a0c1f9052	make update	2003-04-10 20:11:09 +00:00
Richard Levitte	1774e22d6f	New NEWS	2003-04-10 19:33:09 +00:00
Richard Levitte	26abc8f01a	Remove all those infernal stupid CR characters	2003-04-10 19:11:32 +00:00
Richard Levitte	5924c21608	There's a problem building shared libraries on the sco5-gcc target. However, it's time for a release, so I'm just adding an enty in PROBLEMS, and will hopefully solve this for a later release	2003-04-10 18:36:31 +00:00
Richard Levitte	c93fbfaebc	Explicitely tell the compiler we're mips3 for the target irix-mips3-cc.	2003-04-10 05:46:51 +00:00
Dr. Stephen Henson	0b1c00abeb	Typo.	2003-04-10 00:04:02 +00:00
Richard Levitte	721688c2f8	Include rand.h, so RAND_status() and friends get properly declared.	2003-04-08 11:07:05 +00:00
Richard Levitte	a109220107	Correct a few typos. It seems that svr3 and svr5 differ, after all.	2003-04-08 09:27:43 +00:00
Richard Levitte	4a4a04622e	A single quote too many.	2003-04-08 08:58:56 +00:00
Richard Levitte	d6fd88fffd	I forgot to continuation mark.	2003-04-08 08:57:23 +00:00
Richard Levitte	e96133e4cf	It seems like OpenUnix's ld uses LD_LIBRARY_PATH to search for libraries. What's worse, the directories given in LD_LIBRARY_PATH are checked first! Therefore, we need a hack to prepend all the directories we give with -L to the current value of LD_LIBRARY_PATH, thereby temporarly forming a hacked value. Only copy LIBEXTRAS if they are given. Svr5 doesn't use -z allextract...	2003-04-08 08:36:20 +00:00
Lutz Jänicke	f65a75786b	Fix ordering of compare functions: strncmp() must be used first, a the cipher name in the list is not guaranteed to be at least "buflen" long. PR: 567 Submitted by: "Matt Harren" <matth@cs.berkeley.edu>	2003-04-08 06:31:36 +00:00
Richard Levitte	0b55368306	We seem to carry some rests of the 0.9.6 [engine] ENGINE framework, here in form of unneeded direct calls through the engine pointer..	2003-04-08 06:01:55 +00:00
Richard Levitte	43eb3b0130	We seem to carry some rests of the 0.9.6 [engine] ENGINE framework in form of unneeded includes of openssl/engine.h.	2003-04-08 06:00:05 +00:00
Richard Levitte	0a861ab7f3	RSA_FLAG_SIGN_VER indicates the special rsa_sign and rsa_verify function pointers should be used. It doesn't necessarely mean it should go through the ENGINE framework.	2003-04-07 19:15:25 +00:00
Richard Levitte	7b36590b17	What was I smoking? EVP_PKEY_cmp() should return with 0 if EVP_PKEY_cmp_parameters() returned 0, otherwise it should go on processing the public key component. Thia has nothing to do with the proper handling of EC parameters or not.	2003-04-07 10:15:32 +00:00
Richard Levitte	a8b728445c	Correct a typo. Have EVP_PKEY_cmp() call EVP_PKEY_cmp_parameters(), and make a note about the lack of parameter comparison for EC.	2003-04-07 10:09:44 +00:00
Richard Levitte	af0f0f3e8f	Constify	2003-04-06 15:31:18 +00:00
Richard Levitte	8d570498a2	Do not call ENGINE_setup_bsd_cryptodev() when OPENSSL_NO_ENGINE is defined. PR: 564	2003-04-05 21:21:26 +00:00
Richard Levitte	4c771796d5	Convert save_serial() to work like save_index(), and add a rotate_serial() that works like rotate_index().	2003-04-04 15:10:35 +00:00
Richard Levitte	d6df2b281f	Add documentation on the added functionality in 'openssl ca'.	2003-04-04 14:39:44 +00:00
Richard Levitte	6fcf735497	make update	2003-04-04 14:19:15 +00:00
Richard Levitte	b5f96e8818	There's no need to check for __attribute__ with ANSI functions, since we only check to the opening parenthesis anyway...	2003-04-04 14:19:00 +00:00
Richard Levitte	3ae70939ba	Correct a lot of printing calls. Remove extra arguments...	2003-04-03 23:39:48 +00:00
Richard Levitte	c433d72593	Make %p and %# work properly, at least with pointers and floats.	2003-04-03 23:35:14 +00:00
Richard Levitte	68b42986cb	Add GCC attributes when compiled with gcc. This helps find out if we're using the printing functions correctly or not. I used the corresponding attributes found in the header files of my Linux installation.	2003-04-03 23:06:05 +00:00
Richard Levitte	57544ee224	Counter for GCC attributes.	2003-04-03 23:04:48 +00:00
Richard Levitte	83b23ed967	One more debug line to conditionalise.	2003-04-03 23:01:20 +00:00
Richard Levitte	4342c5c1a0	Add a CA section, to make sure the test will work with the changes in CA.sh.	2003-04-03 22:38:31 +00:00
Richard Levitte	16b1b03543	Implement self-signing in 'openssl ca'. This makes it easier to have the CA certificate part of the CA database, and combined with 'unique_subject=no', it should make operations like CA certificate roll-over easier.	2003-04-03 22:33:59 +00:00
Richard Levitte	e6526fbf4d	Add functionality to help making self-signed certificate.	2003-04-03 22:27:24 +00:00
Richard Levitte	8152d88799	It's recommended to use req rather than x509 to create self-signed certificates	2003-04-03 22:12:48 +00:00
Richard Levitte	4ce4884a5b	Typo correction	2003-04-03 21:55:55 +00:00
Richard Levitte	db598fbce2	Don't try to free NULL values...	2003-04-03 20:03:23 +00:00
Richard Levitte	8382ec5d37	Reindent for readability.	2003-04-03 19:10:32 +00:00
Richard Levitte	0998cfaadd	Remove unused variable.	2003-04-03 19:07:27 +00:00
Richard Levitte	c4448f60d6	Reset the version number of the issuer certificate? I believe this hasn't been tested in a long while...	2003-04-03 18:50:15 +00:00
Richard Levitte	63b6fe2bf6	Conditionalise all debug strings.	2003-04-03 18:07:39 +00:00
Richard Levitte	f85b68cd49	Make it possible to have multiple active certificates with the same subject.	2003-04-03 16:33:03 +00:00
Bodo Möller	5679bcce07	make RSA blinding thread-safe	2003-04-02 09:50:22 +00:00
Richard Levitte	24692fc5d7	It seems like gcc-drivven shared library building on OpenUnix 8 requires -shared rather than -G.	2003-04-01 10:59:15 +00:00
Dr. Stephen Henson	4390d66179	Update from stable branch.	2003-03-31 22:29:25 +00:00
Richard Levitte	d678cc07ed	No need to test -setalias twice. PR: 556	2003-03-31 13:56:52 +00:00
Richard Levitte	6dd6da6005	Don't feil when indent is 0. PR: 559	2003-03-31 13:24:02 +00:00
Richard Levitte	03eeb07152	Add usage string for -fingerprint. PR: 560	2003-03-31 13:06:24 +00:00
Dr. Stephen Henson	1a15c89988	Multi valued AVA support.	2003-03-30 01:51:16 +00:00
Richard Levitte	d0a4bd00b6	OpenUNIX 8 has some problems using -G with gcc. Maybe using gnu-shared works better (will be tested tonight).	2003-03-28 08:57:04 +00:00
Lutz Jänicke	423b1a840c	Add warning about unwanted side effect when calling SSL_CTX_free(): sessions in the external session cache might be removed. Submitted by: "Nadav Har'El" <nyh@math.technion.ac.il> PR: 547	2003-03-27 22:04:05 +00:00
Richard Levitte	a47789e849	Update VMS building system	2003-03-26 14:34:38 +00:00
Dr. Stephen Henson	e5b0508a14	Update ocsp usage message and docs.	2003-03-26 00:46:47 +00:00
Richard Levitte	c4d00669a0	Let's limit the extent of the definition of _XOPEN_SOURCE.	2003-03-25 21:17:28 +00:00
Richard Levitte	d6cab100fa	Missed a few dollars. PR: 528	2003-03-25 20:56:06 +00:00
Dr. Stephen Henson	81bd0446a9	make update	2003-03-24 17:06:25 +00:00
Dr. Stephen Henson	520b76ffd9	Support for name constraints.	2003-03-24 17:04:44 +00:00
Dr. Stephen Henson	1c2d141238	Name Constraints OID.	2003-03-24 00:56:09 +00:00
Lutz Jänicke	32e75dd3f0	Add SCO5 shared library scripts. Upate SVR5 scripts for the upcoming 0.9.7b. Submitted by: Boyd Lynn Gerber <gerberb@zenez.com>	2003-03-23 10:18:05 +00:00
Richard Levitte	abfc6a3a9b	To define OPENSSL_NO_FP_API for all MSDOS type targets was unfair against DJGPP, and much more restricted than previous definitions.	2003-03-22 22:33:52 +00:00
Dr. Stephen Henson	5cc5ec1bba	make update	2003-03-21 16:28:29 +00:00
Dr. Stephen Henson	f80153e20b	Support for policy constraints.	2003-03-21 16:26:20 +00:00
Bodo Möller	33b34a9d8f	remove patch ID (which is supposed to appear in patched variants of old OpenSSL releases, but not in new releases)	2003-03-21 13:11:14 +00:00
Richard Levitte	9b94f215b1	Define COMP method function prototypes properly.	2003-03-21 00:05:14 +00:00
Richard Levitte	8b5bcef798	Make sure to declare mem*() properly.	2003-03-21 00:04:14 +00:00
Richard Levitte	ea17e1f00f	make update	2003-03-20 23:54:33 +00:00
Richard Levitte	543105ac17	Don't put configuration macro definitions on the command line, we're just fooling ourselves and then screwing up for other applications.	2003-03-20 23:52:41 +00:00
Richard Levitte	3789284807	Sometimes, we have partial comments on the same line as other stuff we parse. Make sure to read in the whole comment, so it can be entirely removed.	2003-03-20 23:51:35 +00:00
Richard Levitte	be9bec9bc7	Make sure we get the definition of OPENSSL_NO_RSA.	2003-03-20 23:34:28 +00:00
Richard Levitte	9c35452842	Make sure we get the definition of OPENSSL_NO_HMAC and OPENSSL_NO_SHA.	2003-03-20 23:34:08 +00:00
Richard Levitte	69104cdf34	Make sure we get the definition of OPENSSL_NO_SHA.	2003-03-20 23:32:16 +00:00
Richard Levitte	dfefdb41f7	Make sure we get the definition of OPENSSL_NO_RIPEMD.	2003-03-20 23:31:56 +00:00
Richard Levitte	cd6ab56da0	Make sure we get the definition of OPENSSL_NO_MDC2.	2003-03-20 23:31:44 +00:00
Richard Levitte	c988c9b839	Make sure we get the definition of OPENSSL_NO_MD5.	2003-03-20 23:31:34 +00:00
Richard Levitte	bff8e1dddb	Make sure we get the definition of OPENSSL_NO_MD4.	2003-03-20 23:31:24 +00:00
Richard Levitte	641e6ef2cb	Make sure we get the definition of OPENSSL_NO_MD2.	2003-03-20 23:30:04 +00:00
Richard Levitte	9e9e8cb6a8	Make sure we get the definition of OPENSSL_NO_DES.	2003-03-20 23:29:38 +00:00
Richard Levitte	f118514501	Make sure we get the definition of OPENSSL_NO_RC5.	2003-03-20 23:29:26 +00:00
Richard Levitte	39c4b7092c	Make sure we get the definition of OPENSSL_NO_RC4.	2003-03-20 23:29:17 +00:00
Richard Levitte	c7e7fc3ee4	Make sure we get the definition of OPENSSL_NO_RC2.	2003-03-20 23:29:06 +00:00
Richard Levitte	786b0075d5	Make sure we get the definition of OPENSSL_NO_IDEA.	2003-03-20 23:28:55 +00:00
Richard Levitte	fb10590910	Make sure we get the definition of OPENSSL_NO_CAST.	2003-03-20 23:28:27 +00:00
Richard Levitte	abf21308d2	Make sure we get the definition of OPENSSL_NO_BF.	2003-03-20 23:28:16 +00:00
Richard Levitte	8c84b677e2	Make sure we get the definition of OPENSSL_NO_AES.	2003-03-20 23:28:03 +00:00
Richard Levitte	d5ef144222	Make sure we get the definition of a number of OPENSSL_NO_* macros.	2003-03-20 23:27:17 +00:00
Richard Levitte	741dae576f	Make sure we get the definition of OPENSSL_NO_BIO.	2003-03-20 23:26:46 +00:00
Richard Levitte	59ade20500	Include e_os.h correctly.	2003-03-20 23:26:32 +00:00
Richard Levitte	c11b9af75e	Make sure we get the definition of OPENSSL_NO_MD2.	2003-03-20 23:24:59 +00:00
Richard Levitte	08a54f6e6a	Make sure we get the definition of OPENSSL_NO_FP_API.	2003-03-20 23:24:47 +00:00
Richard Levitte	8305477157	Make sure we get the definition of OPENSSL_NO_IDEA and IDEA_INT.	2003-03-20 23:24:32 +00:00
Richard Levitte	e8cc7de4f4	Make sure we get the definition of OPENSSL_NO_HMAC.	2003-03-20 23:23:43 +00:00
Richard Levitte	3b6aa36c77	Make sure we get the definition of OPENSSL_NO_ECDSA.	2003-03-20 23:22:31 +00:00
Richard Levitte	03829b2b47	Make sure we get the definition of OPENSSL_NO_ECDH.	2003-03-20 23:22:17 +00:00
Richard Levitte	87c9c659de	Make sure we get the definition of OPENSSL_NO_EC.	2003-03-20 23:22:06 +00:00
Richard Levitte	751ff1d376	Make sure we get the definition of OPENSSL_NO_DSA and OPENSSL_NO_SHA.	2003-03-20 23:21:51 +00:00
Richard Levitte	d3ae5b1c8a	Make sure we get the definition of OPENSSL_NO_DH.	2003-03-20 23:21:27 +00:00
Richard Levitte	0f3879455b	Make sure we get the definition of OPENSSL_EXTERN, OPENSSL_NO_DES, DES_LONG and OPENSSL_NO_DESCBCM.	2003-03-20 23:21:10 +00:00
Richard Levitte	0c7d61ee0e	Make sure we get the definition of OPENSSL_NO_CAST.	2003-03-20 23:20:15 +00:00
Richard Levitte	78951e7711	Make sure we get the definition of OPENSSL_NO_ERR.	2003-03-20 23:19:41 +00:00
Richard Levitte	9ba4cc007b	Make sure we get the definition of OPENSSL_NO_SOCK.	2003-03-20 23:18:32 +00:00
Richard Levitte	7b5a6c7a62	Make sure we get the definition of OPENSSL_NO_FP_API.	2003-03-20 23:17:23 +00:00
Richard Levitte	44deca977d	Make sure we get the definition of OPENSSL_NO_BF.	2003-03-20 23:17:04 +00:00
Richard Levitte	536b73e78e	Make sure we get the definition of OPENSSL_NO_BIO and OPENSSL_NO_RSA.	2003-03-20 23:16:45 +00:00
Richard Levitte	940767b03f	Make sure we get the definition of OPENSSL_NO_AES.	2003-03-20 23:15:51 +00:00
Richard Levitte	d4a47a5778	Because it may be needed in public header files, move the definition of OPENSSL_NO_FP_API on existence of OPENSSL_SYS_MSDOS to e_os2.h.	2003-03-20 23:14:49 +00:00
Dr. Stephen Henson	b24668626e	make update	2003-03-20 17:59:39 +00:00
Dr. Stephen Henson	ea3675b5b6	New ASN1 macros to just implement and declare the new and free functions and changes to mkdef.pl so it recognises them. Use these in policyMappings extension.	2003-03-20 17:58:33 +00:00
Bodo Möller	c554155b58	make sure RSA blinding works when the PRNG is not properly seeded; enable it automatically for the built-in engine	2003-03-20 17:31:30 +00:00
Dr. Stephen Henson	a1d12daed2	Support for policyMappings	2003-03-20 17:26:44 +00:00
Dr. Stephen Henson	6f528cac5a	Typo: OID should be policyMappings	2003-03-20 17:14:27 +00:00
Dr. Stephen Henson	10a66ad389	Avoid warning.	2003-03-20 17:09:46 +00:00
Richard Levitte	e986704d24	Add documentation for -starttls (s_client) and -id_prefix (s_server). PR: 542	2003-03-20 16:34:27 +00:00
Dr. Stephen Henson	ce06265a37	make update	2003-03-20 14:21:36 +00:00
Richard Levitte	439909a068	Some shells (ksh in this case) don't say 'command not found'. PR: 540	2003-03-20 11:44:28 +00:00
Richard Levitte	d177e6180d	Spelling errors. PR: 538	2003-03-20 11:41:59 +00:00
Richard Levitte	48f1fa7482	Make sure that all the library paths are modified in prepend mode, not replace mode. PR: 528	2003-03-20 11:37:47 +00:00
Richard Levitte	aa9d896b0d	hinv may generate more than one line (1 line per CPU). PR: 520	2003-03-20 11:15:12 +00:00
Richard Levitte	42a559163d	Shut up an ANSI compiler about uninitialised variables. PR: 517	2003-03-20 10:57:09 +00:00
Richard Levitte	3285eb336c	Add the target linux-ia64-ecc, suggested by Keith Thompson <kst@sdsc.edu>. PR: 516	2003-03-20 10:50:36 +00:00
Bodo Möller	02da5bcd83	countermeasure against new Klima-Pokorny-Rosa atack	2003-03-19 19:19:53 +00:00
Dr. Stephen Henson	9ed1fa4813	Fix Certificate and CRL adding in X509_load_cert_crl_file: an X509_INFO structure can contain more than one object, for example a certififcate and a CRL.	2003-03-19 13:55:48 +00:00
Bodo Möller	500df82a96	fix formatting	2003-03-18 12:52:02 +00:00
Dr. Stephen Henson	e8e0e3716a	Fix for no-ec on Windows.	2003-03-15 01:28:55 +00:00
Dr. Stephen Henson	bc441b739b	Don't give an error if response reason absent in OCSP HTTP.	2003-03-14 23:38:34 +00:00
Dr. Stephen Henson	e6539fe22d	Add entry for domainComponent so it is treated correctly. Add table order test to end of a_strnid.c	2003-03-14 01:44:42 +00:00
Dr. Stephen Henson	ba5df66a8b	Add some OIDs.	2003-03-13 23:37:55 +00:00
Dr. Stephen Henson	12d4e7b8c8	Fix PEDANTIC stuff...	2003-03-13 21:28:03 +00:00
Geoff Thorpe	bba2cb3ada	Fix a bone-head bug. This warrants a CHANGES entry because it could affect applications if they were passing a bogus 'flags' parameter yet having things work as they wanted anyway.	2003-03-13 20:28:42 +00:00
Dr. Stephen Henson	52c4c51f02	Return an error if gmtime returns NULL.	2003-03-13 14:13:53 +00:00
Dr. Stephen Henson	767712fa62	Avoid warnings for no-engine and PEDANTIC	2003-03-12 02:38:57 +00:00
Dr. Stephen Henson	90e8a3102b	Fixes for EVP_DigestInit_ex() and OPENSSL_NO_ENGINE.	2003-03-12 02:31:40 +00:00
Geoff Thorpe	879650b866	The default implementation of DSA_METHOD has an interdependence on the dsa_mod_exp() and bn_mod_exp() handlers from dsa_do_verify() and dsa_sign_setup(). When another DSA_METHOD implementation does not define these lower-level handlers, it becomes impossible to do a fallback to software on errors using a simple DSA_OpenSSL()->fn(key). This change allows the default DSA_METHOD to function in such circumstances by only using dsa_mod_exp() and bn_mod_exp() handlers if they exist, otherwise using BIGNUM implementations directly (which is what those handlers did before this change). There should be no noticable difference for the software case, or indeed any custom case that didn't already segfault, except perhaps that there is now one less level of indirection in all cases. PR: 507	2003-03-11 01:49:21 +00:00
Bodo Möller	176f31ddec	- new ECDH_compute_key interface (KDF is no longer a fixed built-in) - bugfix: in ECDH_compute_key, pad x coordinate with leading zeros if necessary	2003-02-28 15:37:10 +00:00
Bodo Möller	fe14ee96db	memset problem has been handled PR: 343	2003-02-28 15:17:45 +00:00
Bodo Möller	57376542a0	use tabs for indentation, not spaces	2003-02-28 15:07:10 +00:00
Dr. Stephen Henson	b8dc9693a7	Encryption BIOs misbehave when used with non blocking I/O. Two fixes: 1. If BIO_write() fails inside enc_write() it should return the total number of bytes successfully written. 2. If BIO_write() fails during BIO_flush() it should return immediately with the error code: previously it would fall through to the final encrypt, corrupting the buffer.	2003-02-27 14:07:59 +00:00
Dr. Stephen Henson	6ac26a5ce5	Typo.	2003-02-27 13:02:46 +00:00
Bodo Möller	155bd1137e	add Certicom licensing e-mail address	2003-02-27 12:25:35 +00:00
Dr. Stephen Henson	f0dc08e656	Support for dirName from config files in GeneralName extensions.	2003-02-27 01:54:11 +00:00
Dr. Stephen Henson	e9ec63961b	Fix indefinite length encoding so EOC correctly updates the buffer pointer. Rename PKCS7_PARTSIGN to PKCS7_STREAM. Guess what that's for :-)	2003-02-25 19:03:31 +00:00
Bodo Möller	0185803cc2	year 2003	2003-02-24 17:18:01 +00:00
Bodo Möller	5c9a9c9c33	include OpenSSL license (in addition to EAY license)	2003-02-24 17:15:28 +00:00
Ulf Möller	63ff3e83fc	Add instructions for building the MinGW target in Cygwin, and rearrange some of the other text for better readability.	2003-02-22 23:03:42 +00:00
Ulf Möller	b4f43344d5	Copy rather than symlink the test data. This is needed because Windows doesn't support symlinks. The Cygwin/MinGW build now passes "make test".	2003-02-22 22:19:48 +00:00
Ulf Möller	c8c5cec1f9	remove some more useless code. The mingw target can now be built under cygwin.	2003-02-22 22:15:31 +00:00
Ulf Möller	66ecdf3bfb	more mingw related cleanups.	2003-02-22 18:00:14 +00:00
Richard Levitte	7841edc9c1	Remove duplication and have clean depend on libclean	2003-02-22 15:04:03 +00:00
Richard Levitte	132eaa59da	Allow building applications against static libraries with Makefile.shared.	2003-02-22 14:41:34 +00:00
Dr. Stephen Henson	5562cfaca4	Base64 bio fixes. The base64 bio was seriously broken when reading from a non blocking BIO. It would incorrectly interpret retries as EOF, incorrectly buffer initial data and have no buffering at all after initial data (data would be sent one byte at a time to EVP_DecodeUpdate).	2003-02-22 02:12:52 +00:00
Ulf Möller	c8252b71b5	add test	2003-02-22 01:20:55 +00:00
Ulf Möller	94949a50aa	avoid duplicate definiton of bn_sub_part_words	2003-02-21 23:19:50 +00:00
Ulf Möller	0214893e6a	clean up MinGW build. MinGW make now supports the Windows path name conventions.	2003-02-21 22:59:20 +00:00
Ulf Möller	5be4a42e99	update mingw info	2003-02-21 22:09:52 +00:00
Bodo Möller	f2aa055ec6	treat 'out' like i2d functions do; cf. asn1_item_flags_i2d (crypto/asn/tasn_enc.c)	2003-02-21 16:06:39 +00:00
Bodo Möller	62e3163b1b	ECPublicKey_set_octet_string and ECPublicKey_get_octet_string behaviour was not quite consistent with the conventions for d2i and i2d functions as far as handling of the 'out' or 'in' pointer is concerned. This patch changes this behaviour, and renames the functions to o2i_ECPublicKey and i2o_ECPublicKey (not 'd2i' and 'i2d' because the external encoding is just a raw object string without any DER icing). Submitted by: Nils Larsch	2003-02-21 13:58:23 +00:00
Dr. Stephen Henson	8214e74f76	Ooops forgot to recognise V_ASN1_GENERALSTRING.	2003-02-20 17:13:21 +00:00
Dr. Stephen Henson	542a1b1a2e	Re enable the read side non blocking test BIO code. For some reason it was disabled...	2003-02-20 13:39:30 +00:00
Dr. Stephen Henson	5672e3a321	Fix bug in base64 bios during write an non blocking I/O: if the write fails when flushing the buffer return the value to the application so it can retry.	2003-02-20 13:37:48 +00:00
Bodo Möller	fbbfd86b67	typo PR: 511 Submitted by: Eric Cronin	2003-02-19 16:29:47 +00:00
Richard Levitte	d8cbc93585	Update release information	2003-02-19 14:02:37 +00:00
Richard Levitte	5b0b0e98ce	Security fix: Vaudenay timing attack on CBC. An advisory will be posted to the web. Expect a release within the hour.	2003-02-19 12:03:59 +00:00
Richard Levitte	d5234c7b3a	Make sure the memory allocation routines check for negative sizes	2003-02-19 11:54:42 +00:00
Richard Levitte	77e270d10e	Borland C++ Builder 5 complains about unreachable statements.	2003-02-19 11:22:15 +00:00
Dr. Stephen Henson	c893bffae7	Update debub-steve* entries.	2003-02-19 01:04:34 +00:00
Dr. Stephen Henson	988e8458ad	Typo.	2003-02-18 12:46:47 +00:00
Richard Levitte	758f942b88	Make the no-err option work properly	2003-02-18 12:14:57 +00:00
Bodo Möller	26e9724458	Remove "+Olibcalls" option from HPUX targets. Reportedly this option is deprecated, and on some systems "make test" fails if it is included. PR: 495	2003-02-16 20:10:23 +00:00
Geoff Thorpe	4879ec7bf3	Session cache implementations shouldn't have to access SSL_SESSION elements directly, so this missing functionality is required. PR: 276	2003-02-15 20:38:57 +00:00
Geoff Thorpe	b653327d47	Declare prototypes for function pointer types, even if they are likely to be cast later on.	2003-02-15 20:32:13 +00:00
Dr. Stephen Henson	4cadedef57	Update docs.	2003-02-15 01:09:55 +00:00
Dr. Stephen Henson	27068df7e0	Single pass processing to cleartext S/MIME signing.	2003-02-15 00:50:55 +00:00
Geoff Thorpe	b12753dffc	We cache a montgomery form for 'n' if the PUBLIC flag is set, not PRIVATE. Also, I've added handling for other mod_exp calls that were not using any cached montgomery forms. These cases matter only for special RSA keys (eg. ones that are missing information) so are unlikely to be used in normal circumstances.	2003-02-15 00:18:38 +00:00
Geoff Thorpe	79221bc265	David Brumley <dbrumley@stanford.edu> noted and corrected a case in the verification step of CRT private key operations in the RSA code - previously no montgomery form was checked or used for 'n', and so it would be generated on the fly each time. As a result, private key operations are now a percent or two faster. Rather than adding this as another repetition of the nearly-identical montgomery "check for first-use" initialisation code blocks, I've taken this chance to create a helper function and macro-wrapper to replace them. PR: 475	2003-02-14 23:21:19 +00:00
Bodo Möller	ffa49dc3d9	make update	2003-02-14 14:21:58 +00:00
Richard Levitte	b7bbac72c4	Add support for IA64. PR: 454	2003-02-14 13:30:35 +00:00
Richard Levitte	c1269c81fd	Handle krb5 libraries separately and make sure only libssl.so depends on it.	2003-02-14 13:12:00 +00:00
Richard Levitte	794a386af3	Update linux-mips and linux-mipsel to support threads and shared libraries. I also updated the bn_ops field with values taken from OpenBSD-mips. PR: 498	2003-02-14 08:56:21 +00:00
Richard Levitte	e270cf9c5e	Pay attention to disabled SSL versions. PR: 500	2003-02-14 05:24:22 +00:00
Richard Levitte	7e38616d1f	Change no_rmd160 to no_ripemd for consistency. PR: 500	2003-02-14 05:20:25 +00:00
Richard Levitte	85d686e723	Make it possible to disable OCSP, the speed application, and the use of sockets. PR: 358	2003-02-14 01:02:58 +00:00
Richard Levitte	2d3de726c5	Add full support for -rpath/-R, both in shared libraries and applications, at least on the platforms where it's known how to do it. Note: this has only been tested on GNU-based platforms (Linux), and needs to be tested on all others. Additionally, it's not yet supported on the following platforms, for lack of information: Darwin (MacOS X) Cygwin OSF1/Alpha SVR3 ReliantUNIX Please help out with testing and the platforms we don't yet know well enough.	2003-02-13 23:52:54 +00:00
Richard Levitte	4989f0599f	Another long name to deal with	2003-02-13 13:21:13 +00:00
Richard Levitte	e4b52ac353	Oh, the destest program did look at the return value...	2003-02-13 08:53:40 +00:00
Bodo Möller	abd22c9c46	new lock for EC_PRE_COMP structures Submitted by: Nils Larsch	2003-02-12 22:01:12 +00:00
Bodo Möller	ba729265a8	Allow EC_GROUP objects to share precomputation for improved memory efficiency (EC_PRE_COMP objects are now constant once completed). Extend 'extra_data' API to support arbitrarily many slots (although we need only one at the moment). Modify EC internal 'extra_data' API: EC_GROUP_[clear_]free_extra_data now frees only a single slot (the previous functions are available as EC_GROUP_[clear_]free_all_extra_data). Submitted by: Nils Larsch Reviewed by: Bodo Moeller	2003-02-12 18:30:16 +00:00
Richard Levitte	9ec1d35f29	Adjust DES_cbc_cksum() so the returned value is the same as MIT's mit_des_cbc_cksum(). The difference was first observed, then verified by looking at the MIT source.	2003-02-12 17:20:39 +00:00
Dr. Stephen Henson	cf56663fb7	Option to disable SSL auto chain build	2003-02-12 17:06:02 +00:00
Bodo Möller	ea513641d0	comments	2003-02-12 14:17:41 +00:00
Bodo Möller	8537943e8b	first section is now "Changes between 0.9.7a and 0.9.8", not "... 0.9.7 and 0.9.8"	2003-02-11 16:42:30 +00:00
Dr. Stephen Henson	a8f5b2ed50	GeneralString support in mini-ASN1 compiler	2003-02-11 14:06:27 +00:00
Dr. Stephen Henson	33075f229e	Typo.	2003-02-10 17:52:10 +00:00
Richard Levitte	28f573a28d	Make sure memcpy() is properly declared by including string.h.	2003-02-10 11:14:35 +00:00
Bodo Möller	e2c9c91b5b	fix EC_GROUP_copy for EC_GFp_nist_method() Submitted by: Nils Larsch	2003-02-08 19:51:37 +00:00
Bodo Möller	d42d2d1ab6	avoid coredump Submitted by: Nils Larsch	2003-02-08 19:49:16 +00:00
Bodo Möller	65b254e8c0	remove debugging leftovers	2003-02-08 15:56:05 +00:00
Bodo Möller	82871eaa17	comment	2003-02-07 11:54:57 +00:00
Bodo Möller	24893ca999	typo	2003-02-06 19:32:06 +00:00
Richard Levitte	27a9bf17c7	PKCS#1 has a new RFC, which we do implement	2003-02-06 19:30:06 +00:00
Bodo Möller	37c660ff9b	implement fast point multiplication with precomputation Submitted by: Nils Larsch Reviewed by: Bodo Moeller	2003-02-06 19:25:12 +00:00
Bodo Möller	772ec4135c	typo in WIN16 section Submitted by: Toni Andjelkovic <toni@soth.at>	2003-02-05 16:54:10 +00:00
Bodo Möller	0e9035ac98	SSL_add_dir_cert_subjects_to_stack now exists for WIN32	2003-02-05 16:40:29 +00:00
Dr. Stephen Henson	4e5d3a7f98	IPv6 display and input support for extensions usingh GeneralName.	2003-02-05 00:34:31 +00:00
Bodo Möller	379e568950	typo	2003-02-04 12:57:34 +00:00
Bodo Möller	c09a297892	Update PRNG entry: - OpenSSL version differences - Sun /dev/urandom patch information	2003-02-04 12:28:11 +00:00
Ben Laurie	2619676256	Old-style callbacks can be NULL!	2003-02-01 20:58:59 +00:00
Ben Laurie	33cc07f79a	Fix warning.	2003-02-01 20:55:29 +00:00
Richard Levitte	c029841e36	We can't say in advance what the argument to BIO_socket_ioctl() should be, so let's make that a void *. Also, BIO_socket_nbio() should send it an int argument, not a long. PR: 457	2003-01-31 12:20:35 +00:00
Richard Levitte	bfa3555081	Document -engine where missing. PR: 424	2003-01-30 22:02:27 +00:00
Richard Levitte	5d780babe3	A few small bugs with BIO popping. PR: 364	2003-01-30 21:49:12 +00:00
Richard Levitte	5cd48abf9f	The util scripts need to handled no-hw. PR: 327	2003-01-30 20:03:45 +00:00
Richard Levitte	db5006df04	The MASM situation is more difficult than described so far. It is part of VC++ 7. PR: 327	2003-01-30 19:05:25 +00:00
Richard Levitte	3d6a84c42a	For VC++7 and up, the file is VSVARS32.BAT. PR: 327	2003-01-30 19:01:56 +00:00
Richard Levitte	5fe11c7533	The OPENSSL_NO_ENGINE has small problem: it changes certain structures. That's bad, so let's not check OPENSSL_NO_ENGINE in those places. Fortunately, all the header files where the problem existed include ossl_typ.h, which makes a 'forward declaration' of the ENGINE type.	2003-01-30 18:52:46 +00:00
Richard Levitte	a1d57849b3	make update	2003-01-30 17:53:02 +00:00
Richard Levitte	0b13e9f055	Add the possibility to build without the ENGINE framework. PR: 287	2003-01-30 17:39:26 +00:00
Geoff Thorpe	96f7065f63	Summarise the last couple of commits.	2003-01-30 15:52:40 +00:00
Geoff Thorpe	f3c22ef10d	This glues the GMP wrapper ENGINE into OpenSSL if it is being built (ie. if the OPENSSL_USE_GMP symbol is defined). Also, I've re-ordered the listing of other builtin ENGINEs to be alphabetical (though "dynamic" will still come first).	2003-01-30 15:49:03 +00:00
Geoff Thorpe	a85bef1899	Commit a slightly modified version of an old experiment to do RSA private key operations using the GMP library. The default is not to build (or use) this code unless OPENSSL_USE_GMP is defined (because it will impose header and linker dependencies that might need specifying too).	2003-01-30 15:43:07 +00:00
Geoff Thorpe	bb3e67f315	"openssl engine" will not display ENGINE/DSO load failure errors when testing availability of engines with "-t" - the old behaviour of is produced by increasing the feature's verbosity with "-tt".	2003-01-30 14:58:44 +00:00
Richard Levitte	c0a93e31ab	Small typo, OENSSL should really be spelled OPENSSL. PR: 476	2003-01-30 11:08:44 +00:00
Richard Levitte	2e60ea7634	Fix a memory leak in SSL. PR: 477	2003-01-30 11:00:34 +00:00
Richard Levitte	4e78074b39	cert_sk isn't always allocated, so freeing it may cause a crash. PR: 481	2003-01-30 10:27:43 +00:00
Richard Levitte	b637670f03	DVCS (see RFC 3029) was missing among the possible purposes. Notified privately to me by Peter Sylvester <Peter.Sylvester@EdelWeb.fr>, one of the authors of said RFC	2003-01-29 15:06:35 +00:00
Bodo Möller	bd1217a176	simplify Submitted by: Nils Larsch	2003-01-28 13:08:21 +00:00
Dr. Stephen Henson	da45180de4	Correct EVP_SealInit() documentation, iv is an output parameter.	2003-01-26 13:38:56 +00:00
Bodo Möller	82516e3baf	cofactor is optional in parameter encodings Submitted by: Nils Larsch	2003-01-25 15:28:49 +00:00
Bodo Möller	c1862f9136	consistency	2003-01-24 22:28:32 +00:00
Bodo Möller	9048c7245b	For ecdsa-with-SHA1, as for id-dsa-with-sha1, omit 'parameters' in AlgorithmIdentifier Submitted by: Nils Larsch	2003-01-24 21:43:08 +00:00
Andy Polyakov	02bf9a151a	Provide "dummy" &main::picmeup even in Windows perlasm modules.	2003-01-24 09:39:31 +00:00
Dr. Stephen Henson	d3b5cb5343	Check return value of gmtime() and add error codes where it fails in ASN1_TIME_set(). Edit asn1.h so the new error code is the same in 0.9.7 and 0.9.8, rebuild new error codes. Clear error queue in req.c if _min or _max is absent.	2003-01-24 01:12:01 +00:00
Andy Polyakov	97e6bf6b22	Workaround for lame compiler bug introduced in "CPU pack" for MSVC6SP5.	2003-01-23 10:05:39 +00:00
Andy Polyakov	04da4558dd	The patch speaks for itself.	2003-01-23 09:52:34 +00:00
Richard Levitte	0c3426da86	Missing 0 broke FreeBSD build. PR: 470	2003-01-23 08:10:04 +00:00
Bodo Möller	9b3f03d5a2	fix warnings Submitted by: Nils Larsch	2003-01-21 09:53:14 +00:00
Andy Polyakov	9abff96b2f	Suggestion was to change ${MACHINE} to i586 in lines in question. Well, "whatever" doesn't the same (avoids 386 being passed to ./Configure), consistent with other elder SCO targets and denotes that we probably shouldn't care much about every out-of-date platform.	2003-01-19 21:47:06 +00:00
Andy Polyakov	722d17cbac	This is an initial tune-up. This update puts Itanium2 back on par with Itanium. I mean if overall performance improvement over C version was X for Itanium, it's X even for Itanium2.	2003-01-19 21:29:59 +00:00
Andy Polyakov	59b846c515	Oops! Missed closing quote... Didn't have time to verify before a snapshot was cut...	2003-01-19 11:39:19 +00:00
Andy Polyakov	42bf2a5cdc	SCO target missed .so suffix.	2003-01-18 21:57:30 +00:00
Andy Polyakov	80bcbaa02f	-lresolv is not present on SCO Unix, RT#460.	2003-01-18 18:12:23 +00:00
Andy Polyakov	7c4e24af38	Caldera/SCO targets erroneously limit themselves to 386. See RT#464.	2003-01-18 15:17:26 +00:00
Andy Polyakov	726c223143	Fix for AIX shared build, see RT#463.	2003-01-18 15:13:03 +00:00
Dr. Stephen Henson	59ae8c9419	EVP_DecryptInit() should call EVP_CipherInit() not EVP_CipherInit_ex().	2003-01-17 00:48:47 +00:00
Richard Levitte	0bdd2da5d2	Ingore the correct flag file.	2003-01-16 21:36:17 +00:00
Richard Levitte	2f09524501	A few more files to ignore	2003-01-16 21:32:56 +00:00
Richard Levitte	06492aef01	make update	2003-01-16 21:20:30 +00:00
Richard Levitte	c00cee00fd	FreeBSD has /dev/crypto as well. PR: 462	2003-01-16 18:29:30 +00:00
Richard Levitte	8228f302dd	Add some debugging output.	2003-01-16 17:28:46 +00:00
Lutz Jänicke	018c56fdca	Armor against systems without ranlib... Submitted by: Thierry Lelegard <thierry.lelegard@canal-plus.fr> PR: 461	2003-01-16 17:22:30 +00:00
Bodo Möller	d745af4b0c	avoid potential confusion about curves (prime192v1 and prime256v1 are also known as secp192r1 and secp256r1, respectively) Submitted by: Nils Larsch, Bodo Moeller	2003-01-16 16:05:23 +00:00
Richard Levitte	44ea41cfff	make update	2003-01-16 13:01:36 +00:00
Lutz Jänicke	acad5755a2	ncr-scde target needs -lc89 for strcasecmp() and ftime() (Tim Rice, Martin Megele). PR: 450	2003-01-16 07:54:52 +00:00
Richard Levitte	28b958f732	Fix possible NULL dereferencial. Notified by Verdon Walker <VWalker@novell.com>	2003-01-16 06:00:55 +00:00
Richard Levitte	4e59cd3bb6	Add verbosity	2003-01-15 17:23:16 +00:00
Lutz Jänicke	a74333f905	Fix initialization sequence to prevent freeing of unitialized objects. Submitted by: Nils Larsch <nla@trustcenter.de> PR: 459	2003-01-15 14:54:59 +00:00
Bodo Möller	365e14622a	update error library for EC... changes Submitted by: Nils Larsch	2003-01-15 11:47:28 +00:00
Lutz Jänicke	8ec16ce711	Really fix SSLv2 session ID handling PR: 377	2003-01-15 09:51:22 +00:00
Geoff Thorpe	0e4aa0d2d2	As with RSA, which was modified recently, this change makes it possible to override key-generation implementations by placing handlers in the methods for DSA and DH. Also, parameter generation for DSA and DH is possible by another new handler for each method.	2003-01-15 02:01:55 +00:00
Dr. Stephen Henson	08cb96bba2	Set EXPORT_VAR_AS_FN for BC-32 to work around a compiler bug,	2003-01-14 20:54:18 +00:00
Richard Levitte	cdc5b4a41e	Extend the HOWTO on creating certificates, and add a HOWTO in creating keys. PR: 422	2003-01-14 15:42:16 +00:00
Lutz Jänicke	52e5e5c2ba	Document hpux-parisc2-cc problems, probably due to optimizer bug. PR: 426	2003-01-14 13:57:06 +00:00
Richard Levitte	c653b56937	Correct an example that has a few typos. PR: 458	2003-01-14 13:56:38 +00:00
Richard Levitte	04aff67de4	Merge from 0.9.7-stable.	2003-01-13 17:16:25 +00:00
Andy Polyakov	1a6356b2ca	Minor FAQ update	2003-01-13 16:34:05 +00:00
Bodo Möller	b05645902a	"!Cname surname" has now become redundant ...	2003-01-13 15:57:33 +00:00
Bodo Möller	54d4f8c320	undo part of a recent change: it's "surname", not "surName" (see X.520 aka ISO/IEC 9594-6)	2003-01-13 15:52:04 +00:00
Richard Levitte	c76153f31d	Make sure not to declare a clashing read() for DJGPP. PR: 440	2003-01-13 15:35:22 +00:00
Richard Levitte	8cbb91c857	DJGPP doesn't have DLLs, so skip adding to %PATH% in that environment. PR: 453	2003-01-13 15:16:40 +00:00
Bodo Möller	aaae0aa48b	add something to the '$no_shared_warn' text	2003-01-13 14:58:49 +00:00
Richard Levitte	0535d3b25f	Correct a misleading comment. PR: 456	2003-01-13 14:53:43 +00:00
Richard Levitte	62be003150	Revert: the names of the cygwin distribution will not be named openssl2-*. Requested by Corinna Vinschen <vinschen@redhat.com>	2003-01-13 14:47:52 +00:00
Richard Levitte	364c7cd621	UI_UTIL_read_pw() misinterpreted the values returned from UI functions. PR: 456	2003-01-13 14:17:43 +00:00
Bodo Möller	9d5390a049	document BN_GENCB API by adding an example	2003-01-13 13:44:20 +00:00
Bodo Möller	bda2fa364d	Typo. NB: This and other manual pages should be updated for the new BN_GENCB interface.	2003-01-13 13:18:22 +00:00
Richard Levitte	caa7b2ad4f	tty_in will never be stderr, so it will always be closed, which means stdin might get closed... Reported by Mark Daniel <Mark.Daniel@wasd.vsm.com.au>	2003-01-13 13:15:16 +00:00
Bodo Möller	c14b4d6b38	typo	2003-01-13 12:52:33 +00:00
Andy Polyakov	0382c95e4d	OpenBSD FAQ update. Apparently gas from binutils-2.x makes it impossible to use gcc -fPIC ... on OpenBSD-i386. Alternative solution is provided.	2003-01-12 21:39:13 +00:00
Andy Polyakov	fda20f08d0	Just an extra comment.	2003-01-12 15:50:59 +00:00
Richard Levitte	afd41c9fc7	Add better support for FreeBSD on non-x86 machines. Add specific support for FreeBSD on sparc64. PR: 427	2003-01-12 04:43:44 +00:00
Richard Levitte	2964ba8c6a	If the user said 'shared' and we haven't included support for shared libraries, warn him or her. Reminder by Andrew Marlow <apm35@student.open.ac.uk>	2003-01-11 11:40:39 +00:00
Richard Levitte	c0cc5c3059	Double the dollars that are intended for the command line. PR: 423	2003-01-10 16:32:32 +00:00
Richard Levitte	e68cb95d84	Add documentation on how to handle the shared libaries. PR: 423	2003-01-10 16:14:32 +00:00
Richard Levitte	448666239c	Name the flag file correctly	2003-01-10 16:04:07 +00:00
Richard Levitte	c0ac323360	CFLAG, not CFLAGS	2003-01-10 11:30:44 +00:00
Richard Levitte	a0cd3ca62b	It's recommended to do 'make clean' after having prepared a new build tree. PR: 437	2003-01-10 11:00:50 +00:00
Richard Levitte	4a9476dd8d	When preparing a separate build tree, don't make softlinks to softlinks. Add instructions in INSTALL, for easy access. PR: 437	2003-01-10 10:56:14 +00:00
Richard Levitte	8d2511688d	Force the removal. PR: 437	2003-01-10 10:54:59 +00:00
Richard Levitte	969511d2cb	Certain files must be removed before generating them, in case they point into a read-only source tree. PR: 437	2003-01-10 10:54:18 +00:00
Andy Polyakov	989f48d8c1	Avoid unnecessary pollution of object module name table. Cygwin shared build workaround (DJGPP swallows it too). One probably should do same as with ELF calling it COFF, but I'm very short in COFF platforms, so I just go for easy ad-hoc solution. I'll take care of merge to 0.9.7 later.	2003-01-10 10:16:39 +00:00
Richard Levitte	f8ea5cb579	Make sure everything that may be freed is allocated or initiated. PR: 446	2003-01-10 08:59:46 +00:00
Richard Levitte	360e506710	Typos corrected. PR: 445	2003-01-10 08:54:01 +00:00
Dr. Stephen Henson	09ad2458b8	Typo.	2003-01-09 16:54:21 +00:00
Richard Levitte	ad200a864e	The naming scheme wasn't quite correct for Cygwin	2003-01-09 16:15:46 +00:00
Andy Polyakov	9d1b5614f9	At least OpenBSD implements PIC in the same way ELF does.	2003-01-09 16:06:09 +00:00
Richard Levitte	416b19c6fc	gcc wants character constants to be correct. Before this change, the following would happen on Solaris: m4 -B 8192 asm/des_enc.m4 > asm/des_enc-sparc.S gcc -DOPENSSL_SYSNAME_ULTRASPARC -DOPENSSL_NO_STATIC_ENGINE -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -m32 -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DMD5_ASM -c -o asm/des_enc-sparc.o asm/des_enc-sparc.S asm/des_enc-sparc.S:2007: unterminated character constant asm/des_enc-sparc.S:2008: unterminated character constant	2003-01-09 13:25:14 +00:00
Dr. Stephen Henson	5b7249f302	NULL tofree when it is freed to avoid double free. Make sure key is not NULL before freeing it.	2003-01-09 13:06:49 +00:00
Andy Polyakov	699543e4a2	Finalizing asm support for UnixWare, SCO, OpenUnix... Note that I've replaced #if logic around bn_sub_part_words in bn_mul.c. I rely upon OPENSSL_BN_ASM_PART_WORDS being added by ./Configure script. Would it still work on non-Unix platforms?	2003-01-09 08:42:04 +00:00
Lutz Jänicke	4309c4ad46	Third argument to shl_load() is "long address", not a pointer. (Didn't influence functionality, as on HP-UX 32bit the NULL pointer is a 32bit 0-value and thus is identical to the required 0L.) PR: 443	2003-01-08 08:27:50 +00:00
Geoff Thorpe	4ebb5293fc	RSA_METHOD now supports key-generation, but (for now) none of these ENGINEs implement it.	2003-01-07 05:53:58 +00:00
Geoff Thorpe	2814c62915	This is the first step in allowing RSA_METHODs to implement their own key generation. This prototype matches the new API function RSA_generate_key_ex(), though both may be subject to change during development before 0.9.8.	2003-01-07 05:51:39 +00:00
Dr. Stephen Henson	876e96fdbf	Fix leak.	2003-01-04 18:25:24 +00:00
Andy Polyakov	f68843e3d7	Fix a typo.	2003-01-04 15:18:00 +00:00
Andy Polyakov	19a97a1df0	Another GAS fix-up and some commentary...	2003-01-04 14:41:09 +00:00
Andy Polyakov	72997517b0	GAS can't stand stub, which is stb's synonym.	2003-01-04 12:49:38 +00:00
Andy Polyakov	2a9fca82d2	Oops! I've toasted Cygwin! Fixed now.	2003-01-03 21:49:49 +00:00
Andy Polyakov	55b1516770	Redundant now as it's moved to ./Makefile.org.	2003-01-03 20:45:59 +00:00
Andy Polyakov	3cc9a89dda	Unified targets for ELF assembler modules. Tested on Linux, Solaris and FreeBSD. Goal is to extend support even to SCO5, UnixWare/OpenUnix...	2003-01-03 17:37:53 +00:00
Andy Polyakov	46a0d4fbcb	Support for ILP32 on HPUX-IA64.	2003-01-03 15:10:46 +00:00
Andy Polyakov	04945fda66	pa-risc2.s was not PIC, see RT#426. I strip call to fprintf as it's never called anyway (it's a debugging assertion). If pa-risc2W.s is PIC remains to be seen...	2003-01-03 10:52:40 +00:00
Andy Polyakov	97e2e71ef9	HP/UX 11i make gets upset by this line containing nothing but a Tab	2003-01-03 10:32:04 +00:00
Richard Levitte	c8a647846c	Rijndael should be called AES everywhere	2003-01-03 08:51:45 +00:00
Andy Polyakov	90ce14cd84	Support for Intel compiler. More details will be provided in closing note for RT#17 as snapshot becomes available for download.	2003-01-02 23:32:24 +00:00
Andy Polyakov	28e276f139	Complete integration of SPARC assembler DES implementation. Tested on Solaris only. I'll keep my eyes open for Linux and OpenBSD targets.	2003-01-02 23:26:46 +00:00
Andy Polyakov	f22e1e4dd2	UltraSPARC assembler DES implementation tune-up. The code can be compiled for any SPARC CPU (UltraSPARC performance is not affected), can be compiled for 64-bit ABI and is position-independent.	2003-01-02 17:40:33 +00:00
Andy Polyakov	e0d769caa2	Very old submission (from 2000) of UltraSPARC assembler DES implementation. It was not accepted because code is not PIC, too UltraSPARC-specific when it doesn't have to and 32-bit only. I'm committing the original version mostly for reference purposes. 64, PIC, blended CPU tune-up follows shortly. Obtained from: http://inet.uni2.dk/~svolaf/des.htm	2003-01-02 17:36:26 +00:00
Andy Polyakov	4a37c48789	I implemented this when troubleshooting performance problem on SPARC Solaris. As there is an apparent interest for optimization for footprint, I figured that this can eventually become useful.	2003-01-02 17:19:05 +00:00
Richard Levitte	ad492c3601	Link engines against libcrypto, even when a TCP/IP implementation is specified...	2003-01-02 00:26:01 +00:00
Richard Levitte	0c055b201e	Adjust the parameter lists in some not commonly used files. PR: 428	2003-01-01 23:41:46 +00:00
Richard Levitte	7eed0fc041	Make sure the last character of the ASN.1 time string (the 'Z') is copied. PR: 429	2003-01-01 03:40:59 +00:00
Richard Levitte	7a1c6aa2a3	It's rather silly to believe we'd release 0.9.7a in 2002 :-). It's even more silly to pretend we know which year 0.9.8 will be released.	2002-12-31 01:00:06 +00:00
Richard Levitte	948dcdb81b	Merge in changes from 0.9.7-stable.	2002-12-31 00:02:10 +00:00
Richard Levitte	08101d72ce	Merge in changes from 0.9.7-stable.	2002-12-30 23:56:09 +00:00
Andy Polyakov	75c4028585	My English is definitely not good as my assembly skills:-) And it looks like titles can't be multi-line...	2002-12-30 20:17:20 +00:00
Andy Polyakov	85f258d1c2	It probably belongs in PROBLEMS, but it's more likely to be a FAQ.	2002-12-30 11:10:03 +00:00
Richard Levitte	49be7042dc	Since we're including Kerberos 5 headers in our exported header files (when OpenSSL is configured to use Kerberos), we'd better tell pkg-config users where they can be found. PR: 421	2002-12-29 23:03:12 +00:00
Lutz Jänicke	44fcd3ef3e	Add information about AES cipher suites to ciphers manual page. If no authentication method is mentioned in the cipher suite name (e.g. AES128-SHA), RSA authentication is used (PR #396).	2002-12-29 21:24:50 +00:00
Lutz Jänicke	21cde7a41c	Fix wrong handling of session ID in SSLv2 client code. PR: 377	2002-12-29 20:59:35 +00:00
Ben Laurie	8598289936	Correct asm exclusions.	2002-12-29 17:57:09 +00:00
Richard Levitte	35dde7480f	OS/2 does binary by default, apparently. Reported by Brian Havard <brianh@kheldar.apana.org.au>.	2002-12-29 10:19:58 +00:00
Richard Levitte	5e42f9ab46	make update	2002-12-29 01:38:15 +00:00
Richard Levitte	7acf00a633	Finally get rid of all the algorithm inclusions that were done from evp.h. Application authors BEWARE! If you have had the habit to count on evp.h to provide all those lower-level algorithm functions, you need to think again! Please change your programs NOW, or you will be sorry when 0.9.8 gets release (it's quite some time away...).	2002-12-29 01:37:35 +00:00
Richard Levitte	69339d254b	make update	2002-12-28 02:42:05 +00:00
Richard Levitte	ec517d25e8	Merge from 0.9.7-stable.	2002-12-28 02:41:17 +00:00
Andy Polyakov	ce9b1b0573	I can't confirm the claim being removed and nobody seems to speak up for it.	2002-12-27 15:04:45 +00:00
Andy Polyakov	0a2407a851	UltraSPARC performance "tune-up."	2002-12-27 14:51:49 +00:00
Andy Polyakov	76a03d568e	FAQ addenum as discussed in RT#417.	2002-12-27 14:27:48 +00:00
Richard Levitte	7c03f26393	Kenneth R. Robinette just told me the latest snapshot works well with MIT Kerberos.	2002-12-27 14:01:40 +00:00
Richard Levitte	9ff9e406ea	Can't find the referense to errors on XP with Kerberos	2002-12-27 08:09:08 +00:00
Richard Levitte	b5beb13abb	Add SPKM among the related stanrds.	2002-12-26 22:35:04 +00:00
Richard Levitte	ceb12d3074	Updates	2002-12-26 22:25:02 +00:00
Richard Levitte	59c0dd56ab	Update our list of implemented and related standards.	2002-12-26 00:21:53 +00:00
Richard Levitte	dcf19c173c	Update our list of implemented and related standards.	2002-12-26 00:17:46 +00:00
Richard Levitte	e235000169	Spelling error. This patch was taken from the OpenBSD copy of OpenSSL 0.9.7 beta3 with patches	2002-12-25 22:16:56 +00:00
Richard Levitte	821951b851	Avoid double definition of config. PR: 420	2002-12-24 23:53:46 +00:00
Richard Levitte	35ba1f17dc	Updates	2002-12-24 23:52:07 +00:00
Lutz Jänicke	ea8e0cc7c2	Some more adjustments Submitted by: Jeffrey Altman <jaltman@columbia.edu>, "Kenneth R. Robinette" <support@securenetterm.com>	2002-12-24 21:55:57 +00:00
Richard Levitte	cb661c56b0	Cygwin needs the library locatin for .DLLs to be set in PATH. Unfortunately, the conditional was set to add the library directory to PATH when the platform is NOT Cygwin. Corrected. PR: 404	2002-12-24 10:50:11 +00:00
Richard Levitte	e904bd0ddc	All VMS-specific problems have been solved. Confirmed by Mark Daniel <Mark.Daniel@wasd.vsm.com.au>	2002-12-24 10:38:05 +00:00
Richard Levitte	e9883d285d	Finally, a bn_div_words() in VAX assembler that goes through all tests. PR: 413	2002-12-23 11:25:51 +00:00
Richard Levitte	8d6ad9e39d	Stop a possible memory leak. (I wonder why s2_connect() handles the initial buffer allocation slightly differently...) PR: 416	2002-12-21 23:49:21 +00:00
Richard Levitte	aa18245f7e	Make AES_ENCRYPT and AES_DECRYPT macros instead of static constants. PR: 411	2002-12-20 18:21:35 +00:00
Andy Polyakov	316bfb77b5	Fix for "shift count too large" when compiling for hpux-parisc2 and irix-mips. The bug was introduced with accelerated support for x86_64. My fault! Fixed now.	2002-12-20 18:11:30 +00:00
Richard Levitte	9b58214e4a	More accurate comments.	2002-12-20 16:38:36 +00:00
Richard Levitte	3c801fa460	A little debugging.	2002-12-20 16:38:06 +00:00
Richard Levitte	1c9202004b	Propagate MAKEDEPPROG to the subdirs under crypto/.	2002-12-20 15:28:42 +00:00
Lutz Jänicke	1004c99c29	Fix Kerberos5/SSL interaction Submitted by: "Kenneth R. Robinette" <support@securenetterm.com> Reviewed by: PR:	2002-12-20 12:48:00 +00:00
Richard Levitte	c9ecb1edd8	Keep the internal lowercase 'surname', for programmer's sake.	2002-12-20 09:39:34 +00:00
Richard Levitte	8baf5fdca0	Be consistent with capitalisation of object names.	2002-12-20 09:24:17 +00:00
Richard Levitte	aafafa314d	Be consistent with capitalisation of object names.	2002-12-20 09:18:18 +00:00
Richard Levitte	49e42a1f60	There was a mixup between INSTALLTOP and OPENSSLDIR...	2002-12-20 07:51:03 +00:00
Richard Levitte	9cd16b1dea	We stupidly had a separate LIBKRB5 variable for KRB5 library dependencies, and then didn't support it very well. And that when there already is a useful variable for exactly this kind of thing; EX_LIBS...	2002-12-19 22:10:12 +00:00
Richard Levitte	12cd28258d	Because the contents of openssl.pc may have to change when a configuration has been performed (and possibly changed), have it depend on Makefile.ssl.	2002-12-19 21:56:40 +00:00
Richard Levitte	9564997222	Small tweaks for code consistency.	2002-12-19 21:55:48 +00:00
Richard Levitte	f968059c67	To avoid any future programming glitches, let's make each and every assignment (modulo those I missed) individual statements.	2002-12-19 21:13:29 +00:00
Richard Levitte	0b900a5e93	I have no idea what possesed me to compile s_socket.c as POSIXly code. Incidently, it now compiles so much better without _POSIX_C_SOURCE.	2002-12-19 19:42:53 +00:00
Richard Levitte	09867a47a4	If _XOPEN_SOURCE_EXTENDED or _XOPEN_SOURCE are defined, _POSIX_C_SOURCE gets defined in DECC$TYPES.H. If _POSIX_C_SOURCE is defined, certain types do not get defined (u_char, u_int, ...). DECC.H gets included by assert.h and others. Now, in6.h uses the types u_char, u_int and so on, and gets included as part of other header inclusions, and will of course fail because of the missing types. On the other hand, _XOPEN_SOURCE_EXTENDED is needed to get gethostname() properly declared... Solution: define _XOPEN_SOURCE_EXTENDED much later, so DECC$TYPES.H has a chance to be included first, so the otherwise missing types get defined properly. Personal: mumble mumble	2002-12-19 19:39:30 +00:00
Richard Levitte	9d5c42b61b	It was pointed out to me that .pc files are normally stored in ${prefix}/lib/pkgconfig, not ${prefix}/lib/pkginfo.	2002-12-19 17:44:42 +00:00
Richard Levitte	8e7a8b68d2	It was pointed out to me that .pc files are normally stored in ${prefix}/lib/pkgconfig, not ${prefix}/lib/pkginfo.	2002-12-19 17:42:23 +00:00
Richard Levitte	4d625031a5	Update the current status	2002-12-18 10:24:02 +00:00
Andy Polyakov	26a60b2eb0	Better wording?	2002-12-18 09:42:51 +00:00
Andy Polyakov	07d09fdb66	Fix for RT#405, Solaris refuses to invoke preprocessor if egrep returns 1. Linux for example doesn't exhibit this behaviour, but I add "exit 0" to all potentially affected rules, just to be on the safe side.	2002-12-18 09:03:48 +00:00
Andy Polyakov	4553ed276b	Make "perl des-586.pl a.out" work, see RT#402	2002-12-17 08:05:49 +00:00
Andy Polyakov	62966f3829	'a=b c=$a; echo $c' doesn't necessarily prints "b", '' vs. "", $s in Makefiles... I suppose it wasn't tested very much...	2002-12-16 23:35:17 +00:00
Richard Levitte	c445142505	Transfer the Solaris shared library building changes from 0.9.7-stable.	2002-12-16 20:33:38 +00:00
Richard Levitte	f70ddce761	Protect loading routines with a lock. PR: 373	2002-12-16 06:06:03 +00:00
Richard Levitte	e29246cb17	Synchronise with Makefiles.	2002-12-15 20:59:24 +00:00
Andy Polyakov	146e6776f5	Always forget this one...	2002-12-15 16:01:21 +00:00
Andy Polyakov	a45051fbfc	DES PIC-ification. "Cygwin" companion. Problem was that preprocessor macro is not expanded if prepended with a $-sign.	2002-12-15 10:06:27 +00:00
Richard Levitte	ec9f67f610	Make sure manual pages are properly linked to on systems that have case insensitive file names, as well as those that do not have symlinks. Incidently, both these cases apply on DOS/Windows...	2002-12-15 06:45:43 +00:00
Richard Levitte	30c08f2e3d	Update the make system for installations: - define a HERE variable to indicate where the source tree is (used very little right now) - make more use of copying and making attribute changes to {file}.new, and then move it to {file} - use 'mv -f' to avoid all those questions to the user when the file in question doesn't have write attributes for that user.	2002-12-15 05:59:13 +00:00
Richard Levitte	9f100cf344	Don't define macros in terms of asm() when __STRICT_ANSI is defined.	2002-12-15 05:54:56 +00:00
Richard Levitte	a5a01e9051	Bring des_locl.h at the same level as in the 0.9.7 branch. Don't define macros in terms of asm() when __STRICT_ANSI is defined.	2002-12-15 05:54:26 +00:00
Andy Polyakov	6be4688bdc	Ooops! No ROTATE on some platforms after x86_64 performance patch...	2002-12-15 00:47:47 +00:00
Andy Polyakov	717c5cdcc7	As you might have noticed I tried to change for . prefix, because it's the one to be used to denote local labels in single function scope. Problem is that SHA uses same label set across functions, therefore I have to switch back to $ prefix.	2002-12-14 23:14:00 +00:00
Andy Polyakov	0654bba39f	Solaris shared build fix-ups. See RT#238,239 for details.	2002-12-14 21:46:46 +00:00
Andy Polyakov	4d77d5b316	New DETECT_GNU_LD procedure.	2002-12-14 20:52:19 +00:00
Andy Polyakov	2f98abbcb6	x86_64 performance patch.	2002-12-14 20:42:05 +00:00
Andy Polyakov	270fa8aeda	DES PIC-ification. Windows companion.	2002-12-14 17:54:30 +00:00
Geoff Thorpe	4329db3726	The ampersand is not required in these constructs, and was giving AIX warnings. Reported by: Bernhard Simon.	2002-12-13 22:01:46 +00:00
Andy Polyakov	6f7ac8e1b0	IA-32 assembler modules (primarily DES) PIC-ification. Idea is to keep shared libraries shared.	2002-12-13 17:56:14 +00:00
Richard Levitte	a1457874c6	OK, there's at least one application author who has provided dynamic locking callbacks	2002-12-13 07:30:53 +00:00
Richard Levitte	18be6c4116	BIO_new_bio_pair() was unnecessarily described in it's own page as well as in BIO_s_bio.pod. The most logical is to move everything needed from BIO_new_bio_pair.pod to BIO_s_bio.pod (including the nice example) and toss BIO_new_bio_pair.pod. I hope I got all the info over properly. PR: 370	2002-12-12 22:12:02 +00:00
Richard Levitte	dad1535f7a	BIO_set_nbio() is enumerated, but not explained. Remove it from enumeration since it's both enumerated and explained in BIO_s_connect.pod. PR: 370	2002-12-12 22:08:49 +00:00
Richard Levitte	f60e6604b8	I forgot one item I intend to work on.	2002-12-12 19:40:55 +00:00
Richard Levitte	0d3f2ccb62	Skip DH-specific tests when no-dh has been configured. PR: 353	2002-12-12 18:43:10 +00:00
Richard Levitte	14676ffcd6	Document the modifications in 0.9.7 that will make the hw_ncipher.c engine work properly even in bad situations.	2002-12-12 17:40:15 +00:00
Geoff Thorpe	e5a08ce44d	Make 'tunala' link with zlib if possible (so it works if openssl was configured with zlib support).	2002-12-11 19:07:03 +00:00
Richard Levitte	b9b6e14b4a	In CRYPTO_lock(), check that the application cares about locking (provided callbacks) before attempting to lock.	2002-12-11 08:56:35 +00:00
Richard Levitte	442d42300b	sk_*_push() returns the number of items on the stack, not the index of the pushed item. The index is the number of items - 1. And if a NULL item was found, actually use it. Finally, provide a little bit of safety in CRYPTO_lock() by asserting the a requested dynamic lock really must exist, instead of just being silent about it	2002-12-11 08:33:31 +00:00
Richard Levitte	75e1c74724	Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H were defined.	2002-12-11 07:37:54 +00:00
Richard Levitte	5db2b5e573	Let's not forget the other places where HEADER_DES_H and HEADER_DES_OLD_H were defined.	2002-12-11 07:24:43 +00:00
Richard Levitte	005ef84c5d	Since HEADER_DES_H has been the protector of des.h since libdes (before SSLeay, maybe?), it's better to have that macro protect the compatibility header des_old.h. In the new des.h, let's use a slightly different protecting macro. The rationale is that there are application that might include (via other header files, perhaps) both an old libdes des.h and OpenSSL's des.h. Whichever comes first would overshadow the other because of the clash in protecting macro. This fix solves that problem.	2002-12-11 06:59:16 +00:00
Geoff Thorpe	f92570f00a	This stops a compiler warning from -Wmissing-prototypes. (Noticed by Nils Larsch)	2002-12-11 03:34:26 +00:00
Lutz Jänicke	9314e366c8	Update -Olimit setting. Submitted by: Bernhard Simon <simon@zid.tuwien.ac.at> Reviewed by: PR:	2002-12-10 18:48:14 +00:00
Ralf S. Engelschall	b22c7a1cfb	test commit (just removing tailing blanks) #2 after migration	2002-12-10 12:01:39 +00:00
Ralf S. Engelschall	99efc0f50f	test commit (removing trailing blanks) after migration	2002-12-10 10:51:18 +00:00
Ralf S. Engelschall	d979d09ccc	test blank-line commit after migration -- just ignore	2002-12-10 10:49:22 +00:00
Richard Levitte	c17810b087	A memset() too many got converted into a OPENSSL_cleanse(). PR: 393	2002-12-10 08:26:05 +00:00
Andy Polyakov	e0b2073fd4	BN_sqr test failure entry.	2002-12-09 13:43:38 +00:00
Lutz Jänicke	123e5dfc3a	Fix wrong URI. Submitted by: assar@kth.se Reviewed by: PR: 390	2002-12-09 08:49:58 +00:00
Richard Levitte	0edad88a31	make update	2002-12-09 02:19:27 +00:00
Richard Levitte	4ccfe5f49b	Hmm, Geoff's change made things quite interesting. We can now give users the option of disabling deprecated functions, which should of course be reflected in libeay.num and .def files. Quite nice, actually.	2002-12-09 02:18:16 +00:00
Geoff Thorpe	e189872486	Nils Larsch submitted; - a patch to fix a memory leak in rsa_gen.c - a note about compiler warnings with unions - a note about improving structure element names This applies his patch and implements a solution to the notes.	2002-12-08 16:45:26 +00:00
Richard Levitte	fdaea9ed2e	Since it's defined in draft-ietf-tls-compression-04.txt, let's make ZLIB a known compression method, with the identity 1.	2002-12-08 09:31:41 +00:00
Geoff Thorpe	5daec7ea0e	Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are being built with it defined - it is not a symbol to affect how openssl itself builds, but to alter the way openssl headers can be used from an API point of view. The "deprecated" function wrappers will always remain inside OpenSSL at least as long as they're still being used internally. :-) The exception is dsaparam which has been updated to the BN_GENCB-based functions to test the new functionality. If GENCB_TEST is defined, dsaparam will support a "-timebomb <n>" switch to cancel parameter-generation if it gets as far as 'n' seconds without completion.	2002-12-08 05:38:44 +00:00
Geoff Thorpe	e9224c7177	This is a first-cut at improving the callback mechanisms used in key-generation and prime-checking functions. Rather than explicitly passing callback functions and caller-defined context data for the callbacks, a new structure BN_GENCB is defined that encapsulates this; a pointer to the structure is passed to all such functions instead. This wrapper structure allows the encapsulation of "old" and "new" style callbacks - "new" callbacks return a boolean result on the understanding that returning FALSE should terminate keygen/primality processing. The BN_GENCB abstraction will allow future callback modifications without needing to break binary compatibility nor change the API function prototypes. The new API functions have been given names ending in "_ex" and the old functions are implemented as wrappers to the new ones. The OPENSSL_NO_DEPRECATED symbol has been introduced so that, if defined, declaration of the older functions will be skipped. NB: Some openssl-internal code will stick with the older callbacks for now, so appropriate "#undef" logic will be put in place - this is in case the user is building openssl (rather than including its headers) with this symbol defined. There is another change in the new _ex functions; the key-generation functions do not return key structures but operate on structures passed by the caller, the return value is a boolean. This will allow for a smoother transition to having key-generation as "virtual function" in the various ***_METHOD tables.	2002-12-08 05:24:31 +00:00
Geoff Thorpe	e90e719739	Fix a warning, and do some constification as a lucky side-effect :-)	2002-12-08 05:19:43 +00:00
Richard Levitte	7ba666fa0e	Since it's defined in draft-ietf-tls-compression-04.txt, let's make ZLIB a known compression method, with the identity 1.	2002-12-08 02:41:11 +00:00
Richard Levitte	86a62cf15c	Implement a stateful variant if the ZLIB compression method. The old stateless variant is kept, but isn't used anywhere.	2002-12-08 02:39:38 +00:00
Richard Levitte	b11405723d	Forgot one.	2002-12-07 20:03:42 +00:00
Richard Levitte	4c3a2b4f8a	Add a few items I intend to work on for 0.9.8 and on.	2002-12-07 20:02:20 +00:00
Andy Polyakov	bbf8198feb	Workaround for GCC-ia64 compiler bug. Submitted by: <appro> Reviewed by: PR:	2002-12-06 17:18:10 +00:00
Richard Levitte	3dda0dd2a2	Some compilers are quite picky about non-void functions that don't return anything.	2002-12-06 08:50:06 +00:00
Richard Levitte	fa63a98ad8	Apparently, bash is more forgiving than sh. To be backward compatible, don't use ==, use = instead...	2002-12-06 08:43:41 +00:00
Richard Levitte	1fc73fef48	Keep NEWS in HEAD up to date.	2002-12-06 00:39:03 +00:00
Richard Levitte	90543bd07a	Keep STATUS in HEAD up to date.	2002-12-05 23:01:17 +00:00
Richard Levitte	43ecece595	Merge in relevant changes from the OpenSSL 0.9.6h release.	2002-12-05 21:50:13 +00:00
Richard Levitte	4ba8cabf62	SSL_CERT_FILE should be used in place of the system default file, not as a first alternative to try	2002-12-05 21:07:26 +00:00
Richard Levitte	f68bb3c51f	Corrected DJGPP patch	2002-12-05 20:50:25 +00:00
Andy Polyakov	6d4ac67ac1	linux64-sparcv9 support finally debugged and tested. Submitted by: Reviewed by: PR:	2002-12-05 13:17:52 +00:00
Richard Levitte	b84d5b72f1	Make sure to implement the cryptodev engine only when /dev/crypto exists.	2002-12-05 10:16:28 +00:00
Richard Levitte	8cbccedf7c	make update	2002-12-05 01:55:48 +00:00
Richard Levitte	1c24347062	Declare another general file.	2002-12-05 01:42:14 +00:00
Richard Levitte	9ef888130d	Allow users to modify /MD to /MT. PR: 380	2002-12-05 01:35:04 +00:00
Richard Levitte	4387f47832	Make sure using SSL_CERT_FILE actually works, and has priority over system defaults. PR: 376	2002-12-05 01:20:47 +00:00
Richard Levitte	38d6e4bb50	If an application supports static locks, it MUST support dynamic locks as well to be able to use the CHIL engine. PR: 281	2002-12-05 00:56:58 +00:00
Richard Levitte	ced621e3c2	PR: 381	2002-12-05 00:05:48 +00:00
Richard Levitte	85940ea8ea	Only check for a result buffer if the allocated string is a prompt string. PR: 381	2002-12-05 00:04:30 +00:00
Richard Levitte	439ae4d398	Do not implement RC4 stuff if RC4 is disabled. Concequently, apply the same rule for SHA stuff. PR: 381	2002-12-04 22:54:02 +00:00
Richard Levitte	4fbe40c54f	gethostname() is more a BSD feature than an XOPEN one. PR: 379	2002-12-04 22:48:01 +00:00
Richard Levitte	578ca7e4cd	Correct a few typos that I introduced after applying DJGPP patches.	2002-12-04 19:13:43 +00:00
Bodo Möller	7e8c30b589	In ECPKParameters_print, output the private key length correctly (length of the order of the group, not length of the actual key, which will be shorter in some cases). Submitted by: Nils Larsch	2002-12-04 17:43:01 +00:00
Bodo Möller	2b32b28191	Don't compute timings here, we can do this elsewhere. Include X9.62 signature examples. Submitted by: Nils Larsch	2002-12-04 17:38:40 +00:00
Lutz Jänicke	532215f2db	Missing ")" Submitted by: Christian Hohnstaedt <chohnstaedt@innominate.com> Reviewed by: PR:	2002-12-04 13:30:58 +00:00
Richard Levitte	5319be4438	DJGPP patches. PR: 347	2002-12-04 09:54:10 +00:00
Richard Levitte	f7a3e73ef6	Add support for x86_64. PR: 348	2002-12-04 09:17:43 +00:00
Richard Levitte	ff3345cb72	A gcc 3.0 bug is triggered by our code. Add a section about it in PROBLEMS. PR: 375	2002-12-04 08:24:18 +00:00
Dr. Stephen Henson	716b2079dc	Make ASN1_TYPE_get() work for V_ASN1_NULL type.	2002-12-04 00:49:46 +00:00
Dr. Stephen Henson	e7b6228fd3	Typo in X509v3_get_ext_by_critical	2002-12-04 00:16:00 +00:00
Dr. Stephen Henson	2053c43de2	In asn1_d2i_read_bio, don't assume BIO_read will return the requested number of bytes when reading content.	2002-12-03 23:50:59 +00:00
Richard Levitte	1c3e4a3660	EXIT() may mean return(). That's confusing, so let's have it really mean exit() in whatever way works for the intended platform, and define OPENSSL_EXIT() to have the old meaning (the name is of course because it's only used in the openssl program)	2002-12-03 16:33:03 +00:00
Richard Levitte	4707991520	Make CRYPTO_cleanse() independent of endianness.	2002-12-03 16:06:40 +00:00
Richard Levitte	7a1f92fdc3	Windows CE updates, contributed by Steven Reddie <smr@essemer.com.au>	2002-12-03 14:20:44 +00:00
Richard Levitte	e7a285694e	define USE_SOCKETS so sys/param.h gets included (and thusly, MAXHOSTNAMELEN gets defined). PR: 371	2002-12-02 22:49:02 +00:00
Richard Levitte	6ab285bf4c	I think I got it now. Apparently, the case of having to shift down the divisor was a bit more complex than I first saw. The lost bit can't just be discarded, as there are cases where it is important. For example, look at dividing 320000 with 80000 vs. 80001 (all decimals), the difference is crucial. The trick here is to check if that lost bit was 1, and in that case, do the following: 1. subtract the quotient from the remainder 2. as long as the remainder is negative, add the divisor (the whole divisor, not the shofted down copy) to it, and decrease the quotient by one. There's probably a nice mathematical proof for this already, but I won't bother with that, unless someone requests it from me.	2002-12-02 21:31:45 +00:00
Richard Levitte	1d3159bcca	Make some names consistent.	2002-12-02 02:40:27 +00:00
Richard Levitte	f60ceb54eb	Through some experimentation and thinking, I think I finally got the proper implementation of bn_div_words() for VAX. If the tests go through well, the next step will be to test on Alpha.	2002-12-02 02:28:27 +00:00
Richard Levitte	0f995b2f40	Small bugfix: even when r == d, we need to adjust r and q. PR: 366	2002-12-01 02:17:23 +00:00
Richard Levitte	848f735ae4	EXIT() needs to be in a function that returns int.	2002-12-01 01:23:35 +00:00
Richard Levitte	a678430602	Redo the VAX assembler version of bn_div_words(). PR: 366	2002-12-01 00:49:36 +00:00
Richard Levitte	e9b553dac1	Remove incorrect assert. PR: 360	2002-11-29 15:18:22 +00:00
Richard Levitte	db3758923b	Make it so all names mentioned in the NAME section of each manpage becomes a symlink to said manpage. PR: 242	2002-11-29 15:00:58 +00:00
Richard Levitte	5e4a75e79f	Correct some names.	2002-11-29 14:21:54 +00:00
Richard Levitte	43d601641f	A few more memset()s converted to OPENSSL_cleanse(). I think I got them all covered by now, bu please, if you find any more, tell me and I'll correct it. PR: 343	2002-11-29 11:30:45 +00:00
Richard Levitte	55f78baf32	Have all tests use EXIT() to exit rather than exit(), since the latter doesn't always give the expected result on some platforms.	2002-11-28 18:54:30 +00:00
Richard Levitte	6c359479d7	Make sure EXIT() can always be used as one statement.	2002-11-28 18:52:14 +00:00
Richard Levitte	4579924b7e	Cleanse memory using the new OPENSSL_cleanse() function. I've covered all the memset()s I felt safe modifying, but may have missed some.	2002-11-28 08:04:36 +00:00
Richard Levitte	2047bda6fb	Unused variable removed.	2002-11-27 13:40:41 +00:00
Richard Levitte	406c6f6962	Extra ; removed.	2002-11-27 13:40:11 +00:00
Richard Levitte	df29cc8f77	Add OPENSSL_cleanse() to help cleanse memory and avoid certain compiler and linker optimizations. PR: 343	2002-11-27 12:24:05 +00:00
Richard Levitte	ec7164133d	I forgot that @ in strings must be escaped in Perl	2002-11-26 15:27:05 +00:00
Richard Levitte	ba8ad07490	The logic in the main signing and verifying functions to check lengths was incorrect. Fortunately, there is a second check that's correct, when adding the pads. PR: 355	2002-11-26 11:14:32 +00:00
Richard Levitte	17582ccf21	Heimdal isn't really supported right now. Say so, and offer a possibility to force the use of Heimdal, and warn if that's used. PR: 346	2002-11-26 10:11:58 +00:00
Richard Levitte	31be2daa06	Small bugfixes to the KSSL implementation. PR: 349	2002-11-26 10:09:36 +00:00
Richard Levitte	de868e0b94	Heimdal isn't really supported right now. Say so, and offer a possibility to force the use of Heimdal, and warn if that's used. PR: 346	2002-11-26 09:19:17 +00:00
Bodo Möller	15994b034a	rename some functions to improve consistency Submitted by: Sheueling Chang	2002-11-23 18:16:09 +00:00
Bodo Möller	922fa76e26	add a comment	2002-11-22 09:25:35 +00:00
Richard Levitte	19aa370573	Disable this module if OPENSSL_NO_SOCK is defined.	2002-11-22 08:45:20 +00:00
Richard Levitte	d020e701bb	Typo. OPENSSL_NO_ECDH, not NO_OPENSSL_ECDH	2002-11-22 08:40:34 +00:00
Richard Levitte	364ff369d1	Mention a current showstopper	2002-11-21 22:39:08 +00:00
Bodo Möller	8a09b3866a	avoid uninitialized memory read Submitted by: Nils Larsch	2002-11-20 10:55:27 +00:00
Bodo Möller	137445140b	Make ec_GFp_simple_point_get_affine_coordinates() faster for Montgomery representations. Submitted by: Sheueling Chang, Bodo Moeller	2002-11-20 10:53:33 +00:00
Lutz Jänicke	6a8afe2201	Fix bug introduced by the attempt to fix client side external session caching (#288): now internal caching failed (#351): Make sure, that cipher_id is set before comparing. Submitted by: Reviewed by: PR: 288 (and 351)	2002-11-20 10:48:58 +00:00
Bodo Möller	1e3a9b650f	allocate bio_err before memory debugging is enabled to avoid memory leaks (we can't release it before the CRYPTO_mem_leaks() call!) Submitted by: Nils Larsch	2002-11-19 11:56:05 +00:00
Richard Levitte	229dc0ee31	It works on my laptop :-).	2002-11-19 11:52:24 +00:00
Richard Levitte	fcc764639d	make update	2002-11-19 11:40:14 +00:00
Richard Levitte	821385ad00	Fix an unsigned/signed mismatch.	2002-11-19 11:28:28 +00:00
Richard Levitte	25ff76d565	Update STATUS	2002-11-19 09:34:34 +00:00
Richard Levitte	9801fb61d0	Add news items for 0.9.6h and expand on the 0.9.7 news as well.	2002-11-18 23:58:24 +00:00
Richard Levitte	20199ca809	Document the addition of certificate pairs.	2002-11-18 23:56:15 +00:00
Richard Levitte	711f1a3c26	Add the ASN.1 structures and functions for CertificatePair, which is defined as follows (according to X.509_4thEditionDraftV6.pdf): CertificatePair ::= SEQUENCE { forward [0] Certificate OPTIONAL, reverse [1] Certificate OPTIONAL, -- at least one of the pair shall be present -- } The only thing I'm not sure about is if it's implicit or explicit tags that I should count on. For now, I'm thinking explicit, but will gladly stand corrected. Also implement the PEM functions to read and write certificate pairs, and defined the PEM tag as "CERTIFICATE PAIR". This needed to be defined, mostly for the sake of the LDAP attribute crossCertificatePair, but may prove useful elsewhere as well.	2002-11-18 23:54:27 +00:00
Richard Levitte	a1d85309ee	Determine HZ exactly as in apps/speed.c.	2002-11-18 23:06:36 +00:00
Richard Levitte	450cee5c3a	Make sure sysconf exists (it doesn't in the VMS C RTL lesser than version 7).	2002-11-18 23:05:39 +00:00
Bodo Möller	a2dbcf3644	remove redundant functions	2002-11-18 14:37:35 +00:00
Bodo Möller	4663355496	use consistent order of function definitions	2002-11-18 14:33:39 +00:00
Bodo Möller	9dc610495c	fix memory leak in memory debuggin code ... Submitted by: Nils Larsch	2002-11-18 14:00:42 +00:00
Bodo Möller	055076cd4f	allocate bio_err before memory debugging is enabled to avoid memory leaks (we can't release it before the CRYPTO_mem_leaks() call!) Submitted by: Nils Larsch	2002-11-18 13:37:40 +00:00
Richard Levitte	527497a722	A variable of type time_t is supposed to be a time measurement starting at Epoch. offset isn't such a measurement, so let's stop pretend it is.	2002-11-18 13:04:08 +00:00
Lutz Jänicke	32d21c1ef6	Better workaround to the "=head1 NAME OPTIONS" pod2latex problem: NAME OPTIONS are a subset of OPTIONS, so just make it =head2! Submitted by: Reviewed by: PR: 333	2002-11-18 08:15:45 +00:00
Richard Levitte	629b58b7fb	Make it possible to build for more than one CPU. Clarify what the CE tests do.	2002-11-17 19:48:19 +00:00
Richard Levitte	7fa2a81d34	Ignore openssl.pc. This way, there's no risk that I'll add it again :-).	2002-11-17 08:07:08 +00:00
Richard Levitte	7f66ab4783	Adding openssl.pc to the repository was a mistake, since it's generated.	2002-11-17 08:05:38 +00:00
Richard Levitte	95189389b0	Add the file openssl.pc that I forgot a while ago.	2002-11-17 08:03:24 +00:00
Richard Levitte	b4b82ab465	I forgot this is compiled in test/, not crypto/ec/...	2002-11-16 10:10:39 +00:00
Richard Levitte	89618e7a0d	We don't want TARGETCPU expanded here.	2002-11-16 09:42:04 +00:00
Richard Levitte	b87e2576b5	Mention ActiveState Perl much earlier in INSTALL.WCE.	2002-11-15 22:54:13 +00:00
Richard Levitte	0bf23d9b20	WinCE patches	2002-11-15 22:37:18 +00:00
Lutz Jänicke	813f256783	Fix buggy #! magic and update ssleay->openssl Submitted by: Reviewed by: PR: 305	2002-11-15 21:26:42 +00:00
Richard Levitte	bfa96bc20e	Add the INHIBIT_SYMLINKS flag variable to help Cygwin. Add missing semicolons. Add a comment explaining a bunch of targets without any action lines.	2002-11-15 16:56:36 +00:00
Richard Levitte	6f17f16fd5	Changes to make shared library building and use work better with Cygwin	2002-11-15 16:48:38 +00:00
Richard Levitte	84034f7aec	Document the change to remove the 'done' flag variable in the OpenSSL_add_all_*() routines	2002-11-15 13:58:11 +00:00
Bodo Möller	acce40c585	this method does not need field_data1	2002-11-15 12:43:15 +00:00
Richard Levitte	6dc78bf7e8	make update	2002-11-15 11:20:43 +00:00
Richard Levitte	ce4f169ff9	A few more Microsoft OIDs added	2002-11-15 11:17:50 +00:00
Lutz Jänicke	c566205319	The pointer to the cipher object is not yet set, when session was reloaded from external cache (using d2i_SSL_SESSION). Perform comparison based on the cipher's id instead. Submitted by: Steve Haslam <araqnid@innocent.com> Reviewed by: PR: 288	2002-11-15 10:53:33 +00:00
Richard Levitte	eaf6c61c9f	The architecture name is i486, not just 486	2002-11-15 10:28:28 +00:00
Richard Levitte	4c53d11d7f	-Wid-clash-n isn't support in gcc 3, and I get better result from continuously rebuilding on a VMS box.	2002-11-15 10:19:23 +00:00
Richard Levitte	1d647444e3	I know ANSI C doesn't like 'long long', and I don't want to see it	2002-11-15 10:15:56 +00:00
Richard Levitte	c1eeb6078f	Spell prototypes correctly :-).	2002-11-15 09:56:01 +00:00
Richard Levitte	953db08416	Add -Wstrict-prototype and -Wmissing-prototype to my debugging targets	2002-11-15 09:53:46 +00:00
Richard Levitte	0a5942093e	We need to read one more byte of the REQUEST-CERTIFICATE message. PR: 300	2002-11-15 09:15:55 +00:00
Dr. Stephen Henson	d78254aa28	Add SETWRAP modifier to ASN1 generate.	2002-11-15 00:26:07 +00:00
Richard Levitte	af67804bef	make update	2002-11-14 23:56:12 +00:00
Richard Levitte	35a6db8640	Close the implicitely opened registry key. PR: 264	2002-11-14 23:33:28 +00:00
Lutz Jänicke	56dc24d483	Use =back to finish =over (found using pod2latex). Submitted by: Reviewed by: PR:	2002-11-14 21:50:30 +00:00
Lutz Jänicke	84d828ab70	No such reference to link to (found running pod2latex). Submitted by: Reviewed by: PR:	2002-11-14 21:41:54 +00:00
Dr. Stephen Henson	cfae3d94e9	Fix documentation of i2d_X509_fp and i2d_X509_bio.	2002-11-14 18:15:52 +00:00
Richard Levitte	b9c23cca01	Add Tandem OSS target. PR: 192	2002-11-14 16:30:11 +00:00
Richard Levitte	c863201780	Remove warnings.	2002-11-14 15:57:38 +00:00
Richard Levitte	cb21d001c9	DCL logic bugs fixed. (I really need to review my knowledge of the language)	2002-11-14 15:38:47 +00:00
Richard Levitte	c7faede37b	It seems like gcc 2.9aix5.1 doesn't do will with optimization level 3. PR: 115	2002-11-14 14:07:48 +00:00
Richard Levitte	d4e573f305	Add a FAQ on how to check the authenticity of the openSSL distribution. PR: 292	2002-11-14 13:00:59 +00:00
Richard Levitte	e20afbb340	Cygwin fixes	2002-11-14 12:39:39 +00:00
Bodo Möller	2b2ab52354	harmonize with 0.9.7 tree	2002-11-14 12:17:47 +00:00
Richard Levitte	8d6e60486f	Fix to build better with DJGPP. PR: 338 Here's the description, submitted by Gisle Vanem <giva@bgnett.no>: 1. sock_init() renamed to ssl_sock_init() in ./apps/s_socket.c due to name-clash with Watt-32. 2. rand() renamed to Rand() in ./crypto/bn/divtest.c due to name-clash with <stdlib.h> 3. Added calls to dbug_init()/sock_init() in some demo programs. 4. Changed cflags/lflags in configure. Watt-32 install root now taken from $WATT_ROOT.	2002-11-14 11:22:01 +00:00
Lutz Jänicke	1f30946481	Don't declare 2 WARNINGS sections Submitted by: Reviewed by: PR:	2002-11-14 11:13:01 +00:00
Lutz Jänicke	b1697f189b	Opportunistic change to work around pod2latex bug: rename NAME OPTIONS section to SUBJECT AND ISSUER NAME OPTIONS Submitted by: Reviewed by: PR: 333	2002-11-14 11:09:07 +00:00
Lutz Jänicke	17a202add7	Correct reference to section name. Submitted by: Reviewed by: PR:	2002-11-14 11:03:30 +00:00
Bodo Möller	3bd16a8902	fix output Submitted by: Nils Larsch	2002-11-14 10:57:45 +00:00
Bodo Möller	555d75252a	use new BIO_indent() function here as well Submitted by: Nils Larsch	2002-11-14 10:56:59 +00:00
Lutz Jänicke	eaad02a747	Missing =back Submitted by: Reviewed by: PR:	2002-11-14 10:51:54 +00:00
Richard Levitte	97101fafd5	The directory 'rijndael' doesn't exist any more, let's check the aes directory instead (this should have been done long ago...).	2002-11-14 08:23:32 +00:00
Richard Levitte	403f1bdc70	When AES is skipped because the option 'no-rijndael' was given, make sure it's skipped from SDIRS as well.	2002-11-14 08:20:40 +00:00
Richard Levitte	d574d83993	Make the Windows test scripts consistent in their echoing	2002-11-14 08:08:55 +00:00
Richard Levitte	83411793b6	Handle last lines that aren't properly terminated. PR: 308	2002-11-14 06:51:18 +00:00
Dr. Stephen Henson	65caee44ff	Fix get_email: 0 is a valid return value	2002-11-14 00:46:11 +00:00
Richard Levitte	738554331b	Constification needed. PR: 241	2002-11-13 23:47:31 +00:00
Richard Levitte	3f083ef0eb	free() -> OPENSSL_free()	2002-11-13 20:25:47 +00:00
Richard Levitte	17ed6c06a7	Merge from 0.9.7-stable.	2002-11-13 18:10:30 +00:00
Richard Levitte	c112323dd5	This didn't get to the 0.9.8-dev thread...	2002-11-13 18:09:27 +00:00
Richard Levitte	0709385d3c	Correct support for SunOS 4.1.3_U1. PR: 227	2002-11-13 16:11:14 +00:00
Ben Laurie	54a656ef08	Security fixes brought forward from 0.9.7.	2002-11-13 15:43:43 +00:00
Richard Levitte	8f797f14b8	When build as dynamic engines, the loading functions should be defined static.	2002-11-13 15:30:25 +00:00
Richard Levitte	c0d64de660	Make internal functions static.	2002-11-13 14:34:53 +00:00
Richard Levitte	c1ce8cf3b8	Name the flag files correctly.	2002-11-13 14:31:34 +00:00
Dr. Stephen Henson	2d780dfd81	Typo	2002-11-13 14:07:37 +00:00
Bodo Möller	b6fee5c2fb	disable weird assert()s	2002-11-13 14:01:34 +00:00
Bodo Möller	10fa047622	remove unused old directory crypto/rijndael (superseded by crypto/aes)	2002-11-13 13:55:41 +00:00
Dr. Stephen Henson	04f0a6ba39	Update docs	2002-11-13 13:18:14 +00:00
Ben Laurie	eb43641dd3	Fix warnings, makefile cockup.	2002-11-13 11:59:48 +00:00
Dr. Stephen Henson	d479dc1d02	Put NAME in right place, fix typo	2002-11-13 01:20:43 +00:00
Dr. Stephen Henson	7fb8d254fe	Only accept exact match for modifier or tag name	2002-11-13 00:57:41 +00:00
Dr. Stephen Henson	c99935e32c	Add header ctype.h	2002-11-13 00:42:11 +00:00
Dr. Stephen Henson	2232e262bf	Fix memory leak in s2i_ASN_INTEGER and return an error if any invalid characters are present.	2002-11-13 00:40:51 +00:00
Dr. Stephen Henson	137e7e3aa1	Update docs	2002-11-13 00:14:15 +00:00
Dr. Stephen Henson	ba36b61d3d	Initial ASN1 generation documentation.	2002-11-12 18:20:28 +00:00
Richard Levitte	ccb13ded84	Synchronise...	2002-11-12 13:55:20 +00:00
Dr. Stephen Henson	9ea1b87862	Initial ASN1 generation code. This can construct arbitrary encodings from strings and config files. Documentation to follow...	2002-11-12 13:34:51 +00:00
Richard Levitte	688cf84d1f	Make it possible to run individual tests even when linked with libcrypto.so and libssl.so	2002-11-12 11:25:23 +00:00
Richard Levitte	69ce48c307	Make the CBC mode od AES accept lengths that aren't multiples of 16. PR: 330	2002-11-12 11:00:25 +00:00
Richard Levitte	06b7c8d5ba	Variables on the stack must be initialized or we can't depend on any initial value. For errline/errorline, we did depend on that, erroneously	2002-11-11 21:34:21 +00:00
Richard Levitte	6722b62b36	Make the programs link against the static library on MacOS X. PR: 335	2002-11-11 20:46:52 +00:00
Lutz Jänicke	7d80b27949	Typo. Submitted by: assar <assar@kth.se> Reviewed by: PR:	2002-11-11 11:19:15 +00:00
Bodo Möller	d742bd882e	do tests with all built-in curves Submitted by: Nils Larsch	2002-11-11 10:25:12 +00:00
Bodo Möller	97a06ad9ef	corrections to built-in curves Submitted by: Nils Larsch	2002-11-11 10:24:52 +00:00
Lutz Jänicke	756b9a0046	Make sure permissions are friendly when building release tar file. Submitted by: Reviewed by: PR: 171	2002-11-11 08:57:04 +00:00
Lutz Jänicke	96c930dd2f	More information to the important issue of seeding the PRNG Submitted by: Reviewed by: PR: 285	2002-11-11 08:33:10 +00:00
Richard Levitte	c81a15099a	X509_NAME_cmp() now compares PrintableString and emailAddress with a value of type ia5String correctly. PR: 244	2002-11-09 21:52:20 +00:00
Dr. Stephen Henson	a8c125550c	Typo	2002-11-09 18:05:33 +00:00
Richard Levitte	3782350c14	-CAserial does take a filename argument. PR: 332	2002-11-08 21:53:54 +00:00
Richard Levitte	d6257073aa	-CAcreateserial doesn't take a filename argument. PR: 332	2002-11-08 21:51:09 +00:00
Richard Levitte	ddff68bee7	Windows doesn't know sys/file.h	2002-11-07 21:40:06 +00:00
Dr. Stephen Henson	491659c436	Typo in OCSP ASN1 module	2002-11-07 17:42:59 +00:00
Richard Levitte	8d6fc30bc7	Keep on using ${CC}, since gcc may act in disguise.	2002-11-06 23:39:03 +00:00
Richard Levitte	56824b9658	Generate openssl.pc so pkg-config can return proper data. PR: 163	2002-11-06 23:35:00 +00:00
Richard Levitte	892e9625d3	Stupid bug fixes. I've forgotten my DCL...	2002-11-06 17:27:11 +00:00
Bodo Möller	e2916b2540	print less output (no details unless a test failed) Submitted by: Nils Larsch	2002-11-06 11:48:09 +00:00	Internal Server Error - Atria-soft GIT 500 Internal Server Error Gitea Version: 1.25.1

Compare commits

3861 Commits

OpenSSL-en ... OpenSSL_0_

Compare commits

3861 Commits OpenSSL-en ... OpenSSL_0_

3861 Commits

OpenSSL-en ... OpenSSL_0_